2 matches found
Unauthorized Session Creation And Password Reset
github.com/mattermost/mattermost-server is vulnerable to Unauthorized Session Creation And Password Reset. The vulnerability is due to a lack of proper validation for remote/synthetic users due to a shared channel configuration. This allows attackers to create munged email addresses using shared...
Learning Orange Education App Has Multiple Vulnerabilities
Learn Orange Education App is a mobile online learning application. There are arbitrary user registration, arbitrary user login and arbitrary user password reset vulnerabilities in XUOE APP. An attacker can register any account, log in to other users' systems, and reset any password by capturing...