Vulnerability CVE-2018-5682


Published: 2018-01-13

Description:
PrestaShop 1.7.2.4 allow user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not exist" error message.

 References:
http://forge.prestashop.com/browse/BOOM-4613

Copyright 2018, cxsecurity.com

 

Back to Top