Laravel Fortify TOTP Reuse Vulnerability

Laravel Fortify TOTP Reuse Vulnerability

CVE-2022-25838 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept.

Learn more about our Web Application Penetration Testing UK.