Security Advisory

CVE-2022-25027

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-12 00:00:00

Last updated 2025-04-08 14:15:57

Assigner mitre

State PUBLISHED

Description

The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to bypass authentication and access restricted pages by validating the users session token when the "Password forgotten?" button is clicked.

← Browse all CVEs View on cve.org ↗