Tag
blueprintUE versions before 4.2.0 generate password reset tokens that remain valid indefinitely due to the absence of a timestamp validation, allowing attackers to potentially gain unauthorized access via token reuse.