Unrated severityNVD Advisory· Published Jan 7, 2023· Updated Aug 6, 2024

CESNET theme-cesnet resetpassword.php insufficiently protected credentials

CVE-2016-15014

Description

A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic. Affected by this vulnerability is an unknown functionality of the file cesnet/core/lostpassword/templates/resetpassword.php. The manipulation leads to insufficiently protected credentials. Attacking locally is a requirement. Upgrading to version 2.0.0 is able to address this issue. The identifier of the patch is 2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6. It is recommended to upgrade the affected component. The identifier VDB-217633 was assigned to this vulnerability.

Affected products

Cesnet/Theme Cesnetv5
Range: 1.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/CESNET/theme-cesnet/commit/2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6mitrepatch
github.com/CESNET/theme-cesnet/releases/tag/2.0.0mitrepatch
github.com/CESNET/theme-cesnet/pull/1mitreissue-tracking
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000