Anuko: >> Time Tracker >> 0.5 Security Vulnerabilities
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox
CVSS Score
7.5
EPSS Score
0.137
Published
2020-11-16
In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). This is fixed in version 1.19.23.5325.
CVSS Score
8.7
EPSS Score
0.012
Published
2020-10-16
Page 2