Unauthenticated attackers can hijack user accounts through password reset notifications
CVE-2024-23830
8.3 HIGH
What is CVE-2024-23830?
A vulnerability in the MantisBT issue tracker allows an unauthenticated attacker to hijack user accounts by manipulating the password reset link. An attacker who knows a user's email address and username can exploit this vulnerability to gain unauthorized access to that account. The issue is fixed in version 2.26.1. Users are advised to update to the latest version or, as a workaround, to configure the $g_path setting in config_inc.php to mitigate potential attacks.
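As an added illustration of the workaround named above (this is not MantisBT's own code), a config_inc.php fragment that pins $g_path, followed by a hypothetical helper that builds the reset link only from that configured base and fails closed if the base is missing or malformed. It assumes, as the mitigation implies, that an unset $g_path lets the link's base URL be derived from the incoming request; the hostname, script name and function name are placeholders.

```php
<?php
// config_inc.php (hardened): pin the canonical base URL so that links placed
// in outgoing mail, password reset links included, never depend on request data.
// 'https://bugs.example.com/' is a constructed placeholder; use your own host.
$g_path = 'https://bugs.example.com/';

// Hypothetical helper (not part of MantisBT): build the reset link strictly
// from the configured base. $token is a reset token generated elsewhere.
function build_reset_link_from_config(?string $base, string $token): string
{
    // Fail closed when the base is unset or is not an absolute https:// URL
    // with a trailing slash. Silently falling back to request-derived values
    // is exactly the behaviour the $g_path workaround is meant to rule out.
    if ($base === null
        || !preg_match('#^https://[A-Za-z0-9.-]+(:\d+)?(/[^\s?\#]*)?/$#', $base)) {
        throw new RuntimeException(
            '$g_path must be set to an absolute https:// URL ending in "/"'
        );
    }
    // 'reset_password.php' is a placeholder script name, not a MantisBT path.
    return $base . 'reset_password.php?token=' . rawurlencode($token);
}

// Example (constructed token value):
echo build_reset_link_from_config($g_path, 'example-token-123'), PHP_EOL;
```

Leaving $g_path undefined makes the helper throw rather than emit a link, which is the safe outcome for a mail-delivered credential flow.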
Affected Version(s)
mantisbt < 2.26.1