Back

268

Source: cwe.mitre.org

Published:

<p>This code allows someone with the role of "ADMIN" or "OPERATOR" to reset a user's password. The role of "OPERATOR" is intended to have less privileges than an "ADMIN", but still be able to help users with small issues such as forgotten passwords.</p> <p>This code does not check the role of the us

Read original article

Loading article...

Article not found