CVE-2018-20301: An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In pa
Summary
CVE-2018-20301 is a mass assignment vulnerability (a flaw where an attacker can modify data fields they shouldn't be able to change) in Steve Pallen Coherence before version 0.5.2. The vulnerability allows users registering for accounts to update any field in the system, including automatically confirming their own accounts by adding a confirmed_at parameter to their registration request.
Vulnerability Details
4
EPSS: 0.2%
Classification
Taxonomy References
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2018-20301
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 45%