CVE-2023-40179

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Aug 25, 2023
Updated: Aug 30, 2023
CWE ID 204

Summary

CVE-2023-40179 is a vulnerability affecting the Password Recovery form in Silverware Games, a premium social network. In prior versions up to 1.3.5, the form would return an error if the email address was not associated with an account, revealing whether the site had a user with that email. However, starting from version 1.3.6, the form always returns the "Enter the code" form, concealing this information and enhancing the security of email address validation. This update prevents potential attackers from performing reconnaissance on the system.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share