CVE Daily

CVE-2016-8600

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and ...

High CVSS 7.5

Overview

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later.

CWE: CWE-254 Published: 2016-10-28T15:59:12.767
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags