CVE-2020-7378
CVE-2020-7378 affects CRIXP OpenCRX versions 4.30 and 5.0-20200717 (and prior). The vulnerability is an unverified password change flaw that lets an attacker who can reach the OpenCRX instance change any user’s password (including admin-Standard) to an attacker-chosen value. Rapid7 and NVD descri...