CVE-2019-12902

Published: 2019-06-20T00:15Z

Last Modified: 2024-11-21T04:23Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon deletion. This allows a new user, holding the same User ID as a deleted user, to restore the deleted user's data. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt