Headline
CVE-2022-2930
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3.
Related news
GHSA-39gf-864w-pxw4: Unverified Password Change in OctoPrint
Versions of OctoPrint prior to 1.8.3 did not require the current user password in order to change that users password. As a result users could be locked out of their accounts or have their accounts stolen under certain circumstances.