2018-08-17 15:29:00 2019-10-03 02:03:26

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.