Skip to main content
Loading…
    CVE-2024-28270 — An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to /prod-api/user/resetPassword. — CVE Database · The Intelligence Room