CWE-836 - Use of Password Hash Instead of Password for Authentication


The software records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to the hash obtained from the data store.

Latest vulnerabilities for CWE-836


Description of CWE-836 on Mitre website