CVE-2019-19857
Affected product: Serpico 1.3.0 (SimplE RePort wrIting and CollaboratiOn tool). Vulnerability: Admin can change their password without providing the current password via interfaces outside the Change Password screen. This bypasses the Old Password check and is noted to be problematic in conjuncti...