Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Predictable Generation of Password Recovery Token
Vulnerability Description
SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attacker is able to brute-force all possible values and takeover any account in reasonable amount of time. This issue was fixed in version 1.55.
CVSS Information
N/A
Vulnerability Type
可预测问题
Vulnerability Title
SOPlanning 安全漏洞
Vulnerability Description
SOPlanning是SOPlanning公司的一套在线项目管理软件。 SOPlanning 1.55之前版本存在安全漏洞,该漏洞源于密码恢复令牌生成机制弱,可能导致账户接管。
CVSS Information
N/A
Vulnerability Type
N/A