VYPR
Medium severity6.5NVD Advisory· Published Jan 18, 2022· Updated Jun 17, 2026

CVE-2021-44839

CVE-2021-44839

Description

An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other account using the account ID. Using the /listes/DTsendmaildata/adm_utilisateur/send-mail.json endpoint, a user can send a JSON array with user IDs that will have their passwords reset (and new ones sent to their respective e-mail addresses).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Delta RM/Delta RMdescription
  • Totara/Rmllm-fuzzy
    Range: <=1.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.