Richard Dean, CX security advisory, EMEAR, discovered this vulnerability. Blog by Jon Munshaw.
Epignosis eFront contains a vulnerability that could allow an adversary to reset the password of any account of their choosing. eFront is a learning management system platform that allows users to create training courses, post courses and more. An attacker could exploit this vulnerability by predicting a password reset seed to generate the correct password reset for a one-time token.
In...
[[ This is only the beginning! Please visit the blog for the complete entry ]]![]()
[[ This is only the beginning! Please visit the blog for the complete entry ]]