Born05 Craftcms Plugin - Two-factor Authentication
2 CVEs affecting Born05 Craftcms Plugin - Two-factor Authentication. Latest disclosed: 2024-06-06. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5658 | Medium | 4.8 | 2024-06-06 | The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period. |
CVE-2024-5657 | Low | 3.7 | 2024-06-06 | The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitti… |