Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.7 views

CVE-2024-41888

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked...

5.3CVSS7AI score0.01222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/09 2:55 p.m.14 views

CVE-2024-41888 Apache Answer: The link for resetting user password is not Single-Use

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked...

7.3AI score0.01222EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/09 2:55 p.m.43 views

CVE-2024-41888 Apache Answer: The link for resetting user password is not Single-Use

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked...

0.01222EPSS
Exploits0References1
CVE
CVE
added 2024/08/09 2:55 p.m.65 views

CVE-2024-41888

The CVE-2024-41888 issue affects Apache Answer through version 1.3.5, where the password-reset link remains valid after use (not single-use), allowing potential misuse or hijacking. The impact is limited to authentication flow abuse as described; affected components are the password reset mechani...

5.3CVSS6.7AI score0.01222EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder