CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This vulnerability has a CVSSv3 score of 9.1, which is usually CRITICAL, since it effectively allows anyone who can connect to the OpenCRX server to change the password...