Filtered by vendor Autumn Project Subscriptions
Filtered by product Autumn Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-19137 1 Autumn Project 1 Autumn 2024-11-21 7.5 High
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".