2 matches found
CVE-2020-27408
creationtimestamp| type| source ---|---|--- 2020-12-04 18:27:15+00:00| seen| https://t.me/cibsecurity/17155...
CVE-2020-27408
OpenSIS Community Edition up to version 7.6 is affected by an access-control flaw in ResetUserInfo.php that lets an unauthenticated attacker change arbitrary user passwords. The root cause is improper access controls on the ResetUserInfo.php endpoint, enabling password modification without authen...