Vulnerability Details CVE-2023-3221
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.7%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-3221
-
cpe:2.3:a:password_recovery_project:password_recovery:1.2