CVE-2024-22646

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-22646

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22646.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-22646

Aliases

BIT-seopanel-2024-22646

Published

2024-01-30T07:15:08.027Z

Modified

2026-03-14T12:31:06.013315Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

References

https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22646

Affected packages

Git / github.com/seopanel/seo-panel

Affected ranges

Type

GIT

Repo

https://github.com/seopanel/seo-panel

Events

Introduced

Last affected

344a4ee53db8aa6fd9b904485076b398f17818ee

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.10.0"
        }
    ]
}

Affected versions

4.*

4.10.0

4.2.0

4.3.0

4.4.0

4.5.0

4.6.0

4.7.0

4.8.0

4.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22646.json"