{"id":"CVE-2018-19555","details":"tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password.","modified":"2026-07-08T16:40:12.500181Z","published":"2018-11-26T07:29:01.017Z","references":[{"type":"EVIDENCE","url":"https://github.com/Spicy1chicken/test/blob/master/Loophole_details.doc"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tp4a/teleport","events":[{"introduced":"051b1fee287efcc56fa2adc83ba1ffc5537c2ec5"},{"last_affected":"051b1fee287efcc56fa2adc83ba1ffc5537c2ec5"}],"database_specific":{"extracted_events":[{"introduced":"3.1.0"},{"last_affected":"3.1.0"}],"source":"CPE_STRING","cpe":"cpe:2.3:a:tp4a:teleport:3.1.0:*:*:*:*:*:*:*"}}],"versions":["3.1.0","v3.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19555.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}