SUSE CVE-2016-11074

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused...

CVE-2025-61775

Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...

CVE-2025-61775 Vickey's unexpired email confirmation link can be reused to send repeated confirmation emails

Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...

CVE-2025-61775

The CVE-2025-61775 entry concerns Vickey, a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 whereby unexpired email confirmation links can be reused multiple times to trigger repeated confirmation emails to a verified address. Under certain condit...

UBUNTU-CVE-2022-23485

Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...

CVE-2022-23485 Invite code reuse via cookie manipulation in sentry

Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...

Mobileiron Sentry 安全漏洞

Mobileiron Sentry is a Smart Gateway product from Mobileiron, Inc. A security vulnerability exists in Mobileiron Sentry versions prior to 22.11.0, where an attacker with a known valid invitation link could manipulate cookies to allow the same invitation link to be reused on multiple accounts when...

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the password-reset link. An attacker can gain unauthorized access to user accounts by reusing a previously issued password-reset link. Remediation Upgrade github.com/mattermost/mattermost/model to version 3.0...

GHSA-J26G-95PH-2MWV Mattermost Server: Insufficient Password-Reset Link Invalidation

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused...

Mattermost Server: Insufficient Password-Reset Link Invalidation

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused...