CVE-2023-40766
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 28, 2023
Updated: Nov 7, 2023
CWE ID 209
Summary
CVE-2023-40766 is a vulnerability affecting PHPJabbers Ticket Support Script version 3.2. During password recovery, an attacker can perform user enumeration by observing subtle differences in error messages. This issue allows adversaries to identify valid user accounts, increasing the effectiveness of brute force attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- PHPJabbers