Unrated severityNVD Advisory· Published Apr 26, 2021· Updated Aug 3, 2024
CVE-2021-28399
CVE-2021-28399
Description
OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OrangeHRM/OrangeHRMdescription
Patches
Vulnerability mechanics
References
2- github.com/C1inton/CVE-Record/blob/master/CVE%20Record/%5BCVE-2021-28399%5DOrangeHRM%204.7.mdmitrex_refsource_MISC
- www.orangehrm.commitrex_refsource_MISC
News mentions
0No linked articles in our index yet.