3 matches found
CVE-2020-25728
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm involving an increment that allows a malicious user to change any user's account password include the admin account...
CVE-2020-25728
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm involving an increment that allows a malicious user to change any user's account password include the admin account...
CVE-2020-25728
The CVE pertains to the Alfresco Reset Password add-on prior to version 1.2.0, which uses a broken increment-based algorithm that lets a malicious user change any user’s password, including the admin account. Exploitation details are not provided in the connected documents beyond this description...