CVE-2021-28399
N/A
N/A
Summary
OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.orangehrm.com/
- https://github.com/C1inton/CVE-Record/blob/master/CVE%20Record/%5BCVE-2021-28399%5DOrangeHRM%204.7.md
References
- https://www.orangehrm.com/
- https://github.com/C1inton/CVE-Record/blob/master/CVE%20Record/%5BCVE-2021-28399%5DOrangeHRM%204.7.md
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.