CVE-2020-14015 – An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a use …

24 June 2020

Vuln ID: CVE-2020-14015

Published: 2020-06-24 15:15:11Z

Description: An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id).

Source: NVD.NIST.GOV

Date:

24 June 2020

Categorie(s):

NVD

Tag(s):

NVD

Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024