Primary

Context

Payload CMS Password Recovery Flow Vulnerability Allowing Unauthenticated Actions on Behalf of Users

Vulnerability

Patched

A vulnerability exists in the password recovery process of Payload CMS versions prior to 3.79.1, specifically within the @payloadcms/graphql package. This issue allows an unauthenticated attacker to perform actions on behalf of a user who has requested a password reset. The vulnerability arises from unvalidated input in the password recovery endpoints, which could be exploited to manipulate the recovery process.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of users who initiate a password reset, potentially allowing attackers to gain access to user accounts or manipulate user data.

Remediation

Users are advised to upgrade to Payload CMS version 3.79.1 or later. Instructions for updating can be found in the release notes on the Payload CMS GitHub repository.

Added: Apr 1, 2026, 6:24 PM

Updated: Apr 1, 2026, 6:24 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

6.5

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

6.5

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Payload CMS Password Recovery Flow Vulnerability Allowing Unauthenticated Actions on Behalf of Users

Vulnerability

Impact

Remediation

Affected Products

payload

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating