VYPR
Unrated severityNVD Advisory· Published Jan 10, 2022· Updated Sep 16, 2024

NocoDB - Observable Discrepancy in the password-reset feature

CVE-2022-22120

Description

In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the registered users' email addresses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nocodb/Nocodbllm-fuzzy2 versions
    >=0.9 <=0.83.8+ 1 more
    • (no CPE)range: >=0.9 <=0.83.8
    • (no CPE)range: 0.9

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.