Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AlfrescoReset Password

2 matches found

CVE
CVEadded 2020/09/18 6:15 p.m.59 views

CVE-2020-15181

The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin's access to the system using the vulnerability in the project. Impacts all servers where this add-on is installed. The problem is fixed in version 1.2.0

10CVSS9.3AI score0.0023EPSS
CVE
CVEadded 2020/09/17 5:15 p.m.30 views

CVE-2020-25728

The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.

8.8CVSS8.7AI score0.00349EPSS