An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request.
2025-04-15T21:15:55.060
2025-11-12T15:43:11.787
Analyzed
CVSSv3.1: 5.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | growatt | cloud_portal | ≤ 3.6.0 | Yes |