Unrated severityNVD Advisory· Published Jul 30, 2019· Updated Aug 5, 2024
CVE-2017-18380
CVE-2017-18380
Description
edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.
Affected products
2- edx-platform/edx-platformdescription
- Range: <2017-08-03
Patches
Vulnerability mechanics
References
2- github.com/edx/edx-platform/pull/15773mitrex_refsource_MISC
- groups.google.com/forum/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.