Filtered by vendor Enilu Subscriptions
Filtered by product Web-flash Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-28270 1 Enilu 1 Web-flash 2024-11-21 8.1 High
An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to /prod-api/user/resetPassword.