SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  MantisBT verify.php Password Manipulation 2

Category: WEB-ATTACKS      

MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7615


Relevant Information