VYPR
High severity7.5NVD Advisory· Published Sep 8, 2021· Updated Jun 17, 2026

CVE-2020-19137

CVE-2020-19137

Description

Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Autumn/Autumndescription
  • Autumn/Autumnllm-create
    Range: <=1.0.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.