Alfresco Reset Password — known CVE vulnerabilities
Every CVE whose affected-product data names Alfresco Reset Password, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-15181 — CVSS 9.3 (critical): The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin's access…
CVE-2020-25728 — CVSS 8.8 (high): The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change…