CVE-2023-27195
The provided connected documents confirm a concrete vulnerability in Trimble TM4Web 22.2.0: an unauthenticated user can access a URL to retrieve the last registration access code and then use a PUT request to register a new account. If the retrieved code was used to create an Administrator accoun...