First published: Thu Sep 09 2021(Updated: )
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TheDayLightStudio Fuel CMS | =1.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-38725 is a brute force vulnerability found in Fuel CMS 1.5.0 in the Login.php file.
Fuel CMS 1.5.0 is affected by CVE-2021-38725.
CVE-2021-38725 has a severity rating of 5.3 (medium).
To fix CVE-2021-38725, update Fuel CMS to a version that includes the fix, such as the commit 15934fdd309408640d1f2be18f93a8beadaa5e9b.
More information about CVE-2021-38725 can be found at the following references: [GitHub commit](https://github.com/daylightstudio/FUEL-CMS/commit/15934fdd309408640d1f2be18f93a8beadaa5e9b) and [GitHub issue](https://github.com/daylightstudio/FUEL-CMS/issues/581).