
ajenti.plugin.core has password bypass when 2FA is activated

CVE-2026-40177 | RCE | 2026-04-10

Vulnerability description

### Impact

If 2FA was activated, it was possible to bypass the password authentication.

### Patches

This is fixed in version 0.112. Users should upgrade to this version as soon as possible.

Source Code Location: https://github.com/ajenti/ajenti

Affected Packages:
- pip:ajenti.plugin.core, affected < 0.112, patched in 0.112

CWEs:
- CWE-287: Improper Authentication

CVSS:
- CVSS_V4: score 9.1, CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

References:
- https://github.com/ajenti/ajenti/security/advisories/GHSA-3mcx-6wxm-qr8v
- https://github.com/advisories/GHSA-3mcx-6wxm-qr8v
