woshinibaba222/DoraCMS-Verification-Code-Reuse

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-49443 ↗	Dec 8, 2023Friday, 8 December 2023, 15:15	9.8 CRITICAL	—
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.