Security Advisory

CVE-2022-45782

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-01 00:00:00

Last updated 2025-03-27 16:12:49

Assigner mitre

State PUBLISHED

Description

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover.

← Browse all CVEs View on cve.org ↗