CVE-2021-36436

Published April 20th, 2023

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint.

Laransec/Mobicint

Information Disclosure in Mobicint API for Credit Unions

GitHub