CVE-2020-28874 in ProjectSend
Сводка
по MITRE • 26.01.2021
reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter).
VulDB is the best source for vulnerability data and more expert information about this specific topic.