Количество 2
Количество 2
CVE-2024-49376
Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their passwords. This issue is fixed in version 3.0.1. No known workarounds exist.
GHSA-v46j-h43h-rwrm
Autolab Misconfigured Reset Password Permissions
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-49376 Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their passwords. This issue is fixed in version 3.0.1. No known workarounds exist. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| GHSA-v46j-h43h-rwrm Autolab Misconfigured Reset Password Permissions | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу