CVE-2025-46047 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid use…
Medium CVSS: 6.5

CVE-2025-46047

A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter.
Vendor
Silverpeas
Product
Silverpeas
CWE
CWE-20
Yayın Tarihi
2025-09-02 14:15:34
Güncelleme
2025-09-04 17:46:45
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-20 Silverpeas MEDIUM Silverpeas 2025

Referanslar

https://github.com/J0ey17/Silverpeas-Username-Enumeration-PoC https://github.com/Silverpeas/Silverpeas-Core/pull/1399