Unrated severityNVD Advisory· Published Jan 21, 2021· Updated Aug 4, 2024
CVE-2020-28874
CVE-2020-28874
Description
reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ProjectSend/ProjectSenddescription
- Range: < r1295
Patches
Vulnerability mechanics
References
4- projectsend.commitrex_refsource_MISC
- github.com/projectsend/projectsend/commit/440204734e9a1687cb9887e1c887173d23c5a93emitrex_refsource_CONFIRM
- github.com/projectsend/projectsend/commits/mastermitrex_refsource_MISC
- github.com/projectsend/projectsend/releases/tag/r1295mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.