VYPR
Critical severity9.8NVD Advisory· Published Nov 16, 2020· Updated Jun 17, 2026

CVE-2020-27422

CVE-2020-27422

Description

In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.