CVE-2018-17298

An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.