CVE-2025-66483
IBM Aspera Shares versions 1.9.9–1.11.0 are affected by an access control issue where a password reset does not invalidate the existing session, enabling an authenticated user to impersonate another user. The issue is documented across multiple sources (NVD, Red Hat, CNVD, EU ENISA, etc.) with th...