Critical severity9.8NVD Advisory· Published Nov 16, 2020· Updated Jun 17, 2026
CVE-2020-27422
CVE-2020-27422
Description
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Anuko/Time Trackerdescription
- Range: = 1.19.23.5311
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/160051/Anuko-Time-Tracker-1.19.23.5311-Password-Reset.htmlnvdThird Party AdvisoryVDB Entry
- www.anuko.com/time-tracker/index.htmnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.