How severe is CVE-2022-45782?

CVE-2022-45782 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-45782

Name: dotcms
Author: dotcms

8.8HIGH

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account

Опубликовано: 2/1/2023Обновлено: 3/27/2025

Описание

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover.

ИИ-АнализНа базе ИИ

Затронутые продукты

dotcmsdotcms

Ссылки

https://www.dotcms.com/security/SI-66
Vendor Advisory
https://www.dotcms.com/security/SI-66
Vendor Advisory