OpenSIS Community Edition up to and including 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated malicious user to change the password of arbitrary users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
os4ed opensis |