CVE

CVE-2020-27408

CVE-2020-27408

OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.

Source: CVE-2020-27408

Exit mobile version