Description
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict the password reset tokens issued for any user, because the tokens are generated with a weak, non-cryptographic randomness function. With a predicted token an attacker can obtain a valid session for an arbitrary user and, optionally, reset that user's password. Tested and confirmed in a default installation of version 7.2.3. Earlier versions are affected, possibly including earlier major versions.
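The following is an added, self-contained model of the weakness described above; it is not the advisory's proof of concept and not b2evolution's code (which is PHP). It assumes, for illustration only, that the vulnerable generator seeds a non-cryptographic PRNG with the request timestamp: an attacker who knows roughly when the reset was requested enumerates the candidate seeds and recovers the token, and hashing the PRNG output does not help. The hardened form draws the token from the OS CSPRNG, stores only a hash of it, expires it, makes it single-use, and compares it in constant time. The timestamp, window and user names are constructed sample values.

```python
from __future__ import annotations

import hashlib
import hmac
import random
import secrets

TOKEN_BYTES = 16


def weak_reset_token(seed: int) -> str:
    """Vulnerable pattern (assumed for illustration, not b2evolution's actual code):
    a Mersenne Twister seeded with a low-entropy value such as the request time.
    Hashing the output hides its shape but adds no entropy: the token is still a
    pure function of the guessable seed."""
    rng = random.Random(seed)
    raw = rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big")
    return hashlib.md5(raw).hexdigest()


def predict_weak_tokens(approx_unix_time: int, window_seconds: int) -> dict[str, int]:
    """Attacker side: rebuild every token the server could have issued within
    +/- window_seconds of the moment the reset was requested. Returns token -> seed."""
    lo, hi = approx_unix_time - window_seconds, approx_unix_time + window_seconds
    return {weak_reset_token(s): s for s in range(lo, hi + 1)}


def strong_reset_token() -> str:
    """Hardened generator: 128 bits from the OS CSPRNG, unrelated to time or state
    an attacker can observe."""
    return secrets.token_hex(TOKEN_BYTES)


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


def issue_reset(store: dict[str, tuple[str, int]], user: str, now: int, ttl: int = 3600) -> str:
    """Server side: hand the plaintext token to the user (e-mail link) and keep only
    its hash plus an expiry, so a database read does not leak usable tokens."""
    token = strong_reset_token()
    store[user] = (_digest(token), now + ttl)
    return token


def redeem_reset(store: dict[str, tuple[str, int]], user: str, presented: str, now: int) -> bool:
    """Server side: single use (pop), expiry check, constant-time comparison."""
    entry = store.pop(user, None)
    if entry is None:
        return False
    stored_digest, expires_at = entry
    if now > expires_at:
        return False
    return hmac.compare_digest(_digest(presented), stored_digest)


def demo() -> tuple[bool, bool]:
    """Returns (weak token predicted?, strong token predicted?) for one constructed reset."""
    issued_at = 1_700_000_000  # constructed: the second at which the server seeded its PRNG
    weak = weak_reset_token(issued_at)
    strong = strong_reset_token()
    # The attacker's clock is off by a few seconds; a 5-minute window is cheap to enumerate.
    candidates = predict_weak_tokens(issued_at + 7, 300)
    return weak in candidates, strong in candidates


if __name__ == "__main__":
    print("weak token predictable: %s, strong token predictable: %s" % demo())
```

Running the module prints `weak token predictable: True, strong token predictable: False`. The check a defender wants is the first half: if a reset token can be reproduced from public information (time of request, user id, a sequence counter), the generator is broken no matter how long or hashed the token looks.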
Remediation
References