CVE-2022-22120

In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the registered users' email addresses.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:xgenecloud:nocodb:*:*:*:*:*:*:*:*

Information

Published : 2022-01-10 08:15

Updated : 2022-01-19 10:30


NVD link : CVE-2022-22120

Mitre link : CVE-2022-22120


JSON object : View

CWE
CWE-203

Observable Discrepancy

Advertisement

dedicated server usa

Products Affected

xgenecloud

  • nocodb