CVE-2023-26855
The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed has
The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords.
HIGH · CVSS 7.5
EPSS 0.00319
Act now
- Public exploit or PoC is available
- SSVC automatable: yes - attacks can be scripted at scale
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0