8x8: Send Phishing/Spam email from [email protected] to any email address.

The Sameroom API contained an endpoint to generate an email to notify the user that the account had been updated. This API request utilized a JSON body that specified the email address and DisplayName of the user without validating the format or characters of the DisplayName. An attacker could ha...