
We found results for “”
CVE-2025-46047
Good to know:

Date: September 1, 2025
A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter.
Severity Score
Related Resources (6)
Severity Score
Top Fix

Upgrade Version
Upgrade to version https://github.com/Silverpeas/Silverpeas-Core.git - 6.4.3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |