Web Flash Broken Access Control Vulnerability
by Bcvgh
Source repositories
CVEs (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-28270 | Hig | 0.53 | 8.1 | 0.00 | Apr 8, 2024 | An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to /prod-api/user/resetPassword. |
- risk 0.53cvss 8.1epss 0.00
An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to /prod-api/user/resetPassword.