Email Security Password Reset Link Expiration Vulnerability (CVE-2018-16529)
- Article Number: 000016655
- Products: Forcepoint Email Security
- Version: 8.5
- Last Published Date: April 01, 2019
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the link has already been used. We would like to thank Eitan Shav from Citadel Cyber Security Consulting for bringing this to our attention.