GitHub_M·CWE-204·Published 2026-03-02
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. This issue has been patched in version 0.301.3.
### Summary

The password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration.

### Details

`POST /api/v2/auth/password/forgot` returned a success message for registered emails but `'Your email has not been registered.'` for unknown emails. The fix returns a uniform response regardless of whether the email exists.

### Impact

An unauthenticated attacker can determine whether an email is registered. No credentials or data are exposed.

### Credit

This issue was reported by [@Tulgaaaaaaaa](https://github.com/Tulgaaaaaaaa).
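The response difference described under Details, next to a uniform-response handler and a regression check that compares the two cases. This is an added example, not NocoDB's code: the handler names, the in-memory user store, the status codes and every message except the quoted `'Your email has not been registered.'` string are assumptions.

```javascript
// Added illustration; not NocoDB source. Names, status codes and messages
// are hypothetical, except the 'not been registered' string from the advisory.

// Constructed sample data: one registered account and a stand-in mail queue.
const users = new Map([['alice@example.com', { id: 1 }]]);
const outbox = [];

function queueResetMail(email) {
  // Token generation and delivery are omitted; only the queuing matters here.
  outbox.push({ to: email });
}

// Pre-fix behaviour as the advisory describes it: the body reveals
// whether the address exists.
function forgotPasswordVulnerable(email) {
  const key = String(email).trim().toLowerCase();
  if (!users.has(key)) {
    return { status: 400, body: { msg: 'Your email has not been registered.' } };
  }
  queueResetMail(key);
  return { status: 200, body: { msg: 'Please check your email.' } };
}

// Uniform response: identical status and body on both paths. Mail is
// queued only when the account exists, but the caller cannot see that.
const UNIFORM = Object.freeze({
  status: 200,
  body: { msg: 'If the email is registered, a reset link has been sent.' },
});

function forgotPasswordUniform(email) {
  const key = String(email).trim().toLowerCase();
  if (users.has(key)) queueResetMail(key);
  return UNIFORM;
}

// Regression check: true when status code or body differs between a
// registered and an unregistered address.
function leaksRegistration(handler) {
  const known = handler('alice@example.com');
  const unknown = handler('nobody@example.com');
  return JSON.stringify(known) !== JSON.stringify(unknown);
}
```

A check like `leaksRegistration` belongs in the endpoint's test suite so that a later change to the error path cannot reintroduce the distinguishable response.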
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 4.0 | Primary | cve.org | 2.7 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
| 4.0 | Secondary | NVD | 2.7 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| 4.0 | Secondary | GHSA | 2.7 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |