Vulnerabilities (CVE)

Filtered by vendor Autumn Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-19137 1 Autumn Project 1 Autumn 2024-02-04 5.0 MEDIUM 7.5 HIGH
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".