3 matches found
CVE-2019-19857
An issue was discovered in Serpico aka SimplE RePort wrIting and CollaboratiOn tool 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the Change Password screen. Thus, requiring the admin to enter an Old Password value on the Change...
CVE-2019-19857
An issue was discovered in Serpico aka SimplE RePort wrIting and CollaboratiOn tool 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the Change Password screen. Thus, requiring the admin to enter an Old Password value on the Change...
CVE-2019-19857
Affected product: Serpico 1.3.0 (SimplE RePort wrIting and CollaboratiOn tool). Vulnerability: Admin can change their password without providing the current password via interfaces outside the Change Password screen. This bypasses the Old Password check and is noted to be problematic in conjuncti...