Security Advisory

CVE-2020-1772

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-27 12:47:49

Last updated 2024-09-16 23:25:42

Assigner OTRS

State PUBLISHED

Description

Its possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.

← Browse all CVEs View on cve.org ↗