Improper access control in Hashtopolis server web-interface chunk activity component for versions prior to 0.14.8 allows any created account to read all cracked hashes of a Hashtopolis server instance.
Metrics
Affected Vendors & Products
References
History
Fri, 17 Jul 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 17 Jul 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper access control in Hashtopolis server web-interface chunk activity component for versions prior to 0.14.8 allows any created account to read all cracked hashes of a Hashtopolis server instance. | |
| Title | Improper access control in Hashtopolis server chunk activity component | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: DIVD
Published:
Updated: 2026-07-17T10:03:31.409Z
Reserved: 2026-01-06T11:08:58.185Z
Link: CVE-2026-22104
Updated: 2026-07-17T10:03:26.312Z
No data.
No data.
OpenCVE Enrichment
No data.