CVE-2019-15929
Craft CMS up to version 3.1.7 is affected by an authentication issue where the elevated session password prompt was not rate-limited, enabling brute-force attempts as described across multiple sources. The vulnerability affects the login flow for elevated sessions and is documented in CVE-2019-15...