CVE-2023-40260

EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication) requirement if the first factor (username and password) is known, because the first factor is sufficient to change an account's email address, and the product would...
https://worldfishnews.com/cve-2023-40260-689413.html?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=techfishnews

Comments