CVE-2023-40179

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Aug 25, 2023

Updated: Aug 30, 2023

CWE ID 204

Summary

CVE-2023-40179 is a vulnerability affecting the Password Recovery form in Silverware Games, a premium social network. In prior versions up to 1.3.5, the form would return an error if the email address was not associated with an account, revealing whether the site had a user with that email. However, starting from version 1.3.6, the form always returns the "Enter the code" form, concealing this information and enhancing the security of email address validation. This update prevents potential attackers from performing reconnaissance on the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sR3H_f
https://www.cve.org/CVERecord?id=CVE-2023-40179
https://nvd.nist.gov/vuln/detail/CVE-2023-40179

Back to Vulnerability Database

CVE-2023-40179

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations