Security Advisory

CVE-2020-27422

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-16 15:49:10

Last updated 2024-08-04 16:18:44

Assigner mitre

State PUBLISHED

Description

In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesnt expire once used, allowing an attacker to use the same link to takeover the account.

← Browse all CVEs View on cve.org ↗