VYPR

JHipster

by Jhipster

CVEs (1)

  • CVE-2020-4072MedJun 25, 2020
    risk 0.28cvss 5.3epss 0.01

    In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user and the api is public this can be used by an attacker to forge log entries. This is vulnerable to https://cwe.mitre.org/data/definitions/117.…