Vulnerability Description: Weak Password Requirements - CWE-521
Software Version: 2.0
NIST: https://nvd.nist.gov/vuln/detail/CVE-2025-24949
CVSS:
Severity:
Credits: Alberto Arganese, Cristian Castrechini, Federico Draghelli, Massimiliano Brolli
It is possible to bypass security requirements during the password change process.
Security Impact
Bypassing the password complexity criteria, it is possible to use weak passwords and compromise the security of the user account.