CVE-2020-13922 - Apache Dolphinscheduler
Moderate 6.5
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
Affected software
Apache Dolphinscheduler