Unrated severityNVD Advisory· Published Apr 26, 2023· Updated Feb 3, 2025
CVE-2022-27978
CVE-2022-27978
Description
Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Tooljet/Tooljetdescription
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.