28Şub
CVE-2025-27408 | mnfst manifest up to 4.9.0 Password Hash hash without salt (GHSA-h8h6-7752-g28c)
A vulnerability was found in mnfst manifest up to 4.9.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Password Hash Handler. The manipulation leads to one-way hash without salt. This vulnerability is handled as CVE-2025-27408. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.