Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-ph6g-6v8w-8p6m: Missing rate limit for password resets

Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.

ghsa
#git

Missing rate limit for password resets

Moderate severity GitHub Reviewed Published Apr 28, 2023 to the GitHub Advisory Database • Updated May 1, 2023

Related news

CVE-2023-28821: Releases · concretecms/concretecms

Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP