CVE-2023-40766

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 28, 2023
Updated: Nov 7, 2023
CWE ID 209

Summary

CVE-2023-40766 is a vulnerability affecting PHPJabbers Ticket Support Script version 3.2. During password recovery, an attacker can perform user enumeration by observing subtle differences in error messages. This issue allows adversaries to identify valid user accounts, increasing the effectiveness of brute force attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share