High severity7.5NVD Advisory· Published Sep 8, 2021· Updated Jun 17, 2026
CVE-2020-19137
CVE-2020-19137
Description
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Autumn/Autumndescription
Patches
Vulnerability mechanics
References
1- github.com/ShuaiJunlan/Autumn/issues/82nvdExploitIssue TrackingPatchThird Party Advisory
News mentions
0No linked articles in our index yet.