2 matches found
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
CVE-2022-30028
Dradis Professional Edition (affected: prior to 4.3.0) is vulnerable to password change via reusing a password reset token in the password reset flow. Root cause: token reuse during reset enables an attacker to set a new password for an account. Impact: unauthorized password change as described i...