説明
SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attacker is able to brute-force all possible values and takeover any account in reasonable amount of time. This issue was fixed in version 1.55.
AI分析AIによる分析
影響を受ける製品
soplanningsoplanning
参照
- https://cert.pl/en/posts/2025/11/CVE-2025-62293Third Party Advisory
- https://www.soplanning.org/en/Product