CVE-2026-45701

Published: Giu 01, 2026 Last Modified: Giu 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,9

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6.

327

Use of a Broken or Risky Cryptographic Algorithm

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Accountability Non-Repudiation

Potential Impacts:

Read Application Data Modify Application Data Hide Activities

Applicable Platforms

Languages: Not Language-Specific, Verilog, VHDL

Technologies: Not Technology-Specific, ICS/OT

Likelihood of Exploit: High

View CWE Details

https://github.com/sulu/sulu/releases/tag/2.6.23

https://github.com/sulu/sulu/releases/tag/3.0.6

https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-…

https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-6pp7-6h85

CVE-2026-45701

Description

Use of a Broken or Risky Cryptographic Algorithm

Common Consequences

Applicable Platforms

Iscriviti alla newsletter