CVE-2023-35134 Information

Description

Weintek Weincloud v0.13.6

could allow an attacker to reset a password with the corresponding account’s JWT token only.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04