"TITLE":"Improper Privilege Management in tooljet/tooljet"
},
"affects":{
"vendor":{
"vendor_data":[
{
"product":{
"product_data":[
{
"product_name":"tooljet/tooljet",
"version":{
"version_data":[
{
"version_affected":"<",
"version_value":"v1.26.1"
}
]
}
}
]
},
"vendor_name":"tooljet"
}
]
}
},
"data_format":"MITRE",
"data_type":"CVE",
"data_version":"4.0",
"description":{
"description_data":[
{
"lang":"eng",
"value":"Account Takeover :: when see the info i can see the hash pass i can creaked it ...............\nAccount Takeover :: when see the info i can see the forgot_password_token the hacker can send the request and changed the pass"