High severityNVD Advisory· Published Aug 22, 2022· Updated Aug 3, 2024
Weak Password Requirements in notrinos/notrinoserp
CVE-2022-2927
Description
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
notrinos/notrinos-erpPackagist | < 0.7 | 0.7 |
Affected products
1- Range: unspecified
Patches
1e61e76b44c6aadded password validation for adding new user.
1 file changed · +1 −1
admin/users.php+1 −1 modified@@ -31,7 +31,7 @@ function can_process($new) { set_focus('user_id'); return false; } - if (!$new && ($_POST['password'] != '')) { + if ($new || (!$new && ($_POST['password'] != ''))) { if (strlen($_POST['password']) < 4) { display_error( _('The password entered must be at least 4 characters long.')); set_focus('password');
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-qhm8-69qh-g76jghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-2927ghsaADVISORY
- github.com/notrinos/notrinoserp/commit/e61e76b44c6a2b28a4a648a06ef34f65c376ec1eghsax_refsource_MISCWEB
- huntr.dev/bounties/7fa956dd-f541-4dcd-987d-ba15caa6a886ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.