2017-11-20 16:00:00
mitre
PUBLISHED
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.