Autumn Project - Autumn CVE

Filtered by vendor Autumn Project Subscriptions

Filtered by product Autumn Subscriptions

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-19137	1 Autumn Project	1 Autumn	2024-08-04	7.5 High
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".

Page 1 of 1.