CVE-2026-45701

Severity CVSS v4.0:
MEDIUM
Type:
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
Publication date:
01/06/2026
Last modified:
01/06/2026

Description

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6.