2 matches found
CVE-2018-19555
tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password...
CVE-2018-19555
tp4a TELEPORT 3.1.0 is affected by a CSRF vulnerability that allows an attacker to use the user/do-reset-password endpoint to change any password, including the administrator password. This is documented across multiple sources (NVD/NVD-derived refs, OSV, CVE lists) as a CSRF flaw that enables un...