CVE-2018-5682

CVE: CVE-2018-5682
Published: 2018-01-13T05:29Z
Vendor: prestashop
Products: prestashop
Versions: 1.7.2.4,
Description Language: en
Description: PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a “This account does not exist” error message.
References:
http://forge.prestashop.com/browse/BOOM-4613