ID CVE-2019-18818
Summary strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
References
Vulnerable Configurations
CVSS
Base: 5.0
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
assigner via4 cve@mitre.org
vulnerable_product via4
    Last major update 07-11-2019 - 22:15
    Published 07-11-2019 - 22:15
    Last modified 08-11-2019 - 01:29
    Back to Top