Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password reset process for any user account without proper authentication. This issue affects PandoraFMS v771 and prior versions on all platforms.
Credits
Thanks to Edisc from the VNG security team (edisc.ctf@gmail.com)
