Njmbb8

**Name of the Vulnerable Software and Affected Versions** Silverpeas versions 6.4.2 and lower **Description** The issue allows a remote attacker to cause a denial of service via the password change function. **Recommendations** For Silverpeas versions 6.4.2 and lower, as a temporary workaround, consider disabling the password change function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverpeas versions 6.4.2 and lower **Description** An issue in the password change function allows for the bypassing of password complexity requirements. **Recommendations** For Silverpeas versions 6.4.2 and lower, update to a version that includes a fix for this issue to prevent the bypassing of password complexity requirements. At the moment, there is no information about a newer version that contains a fix for this vulnerability.