1 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. This allows any authenticated user to change the password of any other user, including the Administrator account. • https://businessnetwork.opentext.com/b2b-gateway https://hackandpwn.com/disclosures/CVE-2022-35898.pdf • CWE-287: Improper Authentication •