Loading
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.
Use CWE-307, Tiki vendor hub and Tiki product page to widen CVE-2020-15906 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-22850, CVE-2023-22853 and CVE-2023-22851 for nearby disclosures in the same product family.