Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Time_tracker
(Anuko)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-10-16 | CVE-2020-15255 | In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). This is fixed in version 1.19.23.5325. | Time_tracker | 7.3 | ||
| 2020-11-16 | CVE-2020-27422 | In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account. | Time_tracker | 9.8 |