Unrated severityNVD Advisory· Published Mar 21, 2025· Updated Mar 21, 2025
CVE-2025-30344
CVE-2025-30344
Description
An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/ endpoint, the system's response times differ depending on whether a user exists in the system. The timing discrepancy stems from the omitted hashing of the password (e.g., more than 100 milliseconds).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<4.2.5+ 1 more
- (no CPE)range: <4.2.5
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.