9.6 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.9%
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn’t expire once used, allowing an attacker to use the same link to takeover the account.
packetstormsecurity.com/files/160051/Anuko-Time-Tracker-1.19.23.5311-Password-Reset.html
www.anuko.com/time-tracker/index.htm