CVE-2023-43902 Information

Description

Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows unauthenticated attackers to access accounts of all registered users including those with administrator privileges via a crafted password reset token.

Reference

https://secpro.llc/emsigner-cve-2/