2020-12-24 14:30:11
mitre
PUBLISHED
Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover.