Description
The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Slimstat Analytics Security Bypass (5.0.5.1)
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097)
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-34798)
WordPress Plugin Image Slider-Responsive Slider Unspecified Vulnerability (2.4.2)
Oracle Database Server CVE-2007-2118 Vulnerability (CVE-2007-2118)