CVE-2020-28597
Epignosis EfrontPro 5.2.21 is affected by a password reset vulnerability where the reset token is generated from a predictable seed, enabling an attacker to reset passwords via the password-reset URL. Talos details show the hash is md5(reset_password_timestamp + login) and that the vulnerability ...