Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Time_tracker
(Anuko)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-11-16 | CVE-2020-27423 | Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox | Time_tracker | 7.5 | ||
| 2020-11-16 | CVE-2020-27422 | In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account. | Time_tracker | 9.8 |