Unrated severityNVD Advisory· Published Sep 7, 2023· Updated Sep 26, 2024
Soar Cloud Ltd. HR Portal - Weak Password Recovery Mechanism for Forgotten Password
CVE-2023-34357
Description
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Soar Cloud Ltd./HR Portalv5Range: 7.3.2023.0510
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.