CVE-2015-2286
CVE-2015-2286 concerns Open edX edx-platform. The vulnerability is in the template file lms/templates/footer-edx-new.html prior to 2015-01-29, where links on the password-reset page were not properly restricted. This allowed user-assisted remote attackers to discover password-reset tokens by read...