CVE-2021-44839

CVE-2021-44839

An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other account using the account ID. Using the /listes/DTsendmaildata/adm_utilisateur/send-mail.json endpoint, a user can send a JSON array with user IDs that will have their passwords reset (and new ones sent to their respective e-mail addresses).

Source: CVE-2021-44839

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다