CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
AI Score
Confidence: Low
EPSS
Percentile: 15.5%
Knowing a user’s email address and username, an unauthenticated attacker can hijack the user’s account by poisoning the link in the password reset notification message.
https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744
Define $g_path as appropriate in config_inc.php.
https://mantisbt.org/bugs/view.php?id=19381
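The following is an added illustration, not MantisBT's own code, of why the fix tells administrators to define $g_path explicitly. It assumes (as the mitigation implies) that with $g_path unset the base URL of the reset link is derived from the incoming request's Host header, which anyone sending a request can choose; the reset page name and all host names below are constructed placeholders.

```php
<?php
// Added example, not MantisBT's own code: models how a password reset link is
// built from a base path under the weak setting ($g_path undefined, base URL
// guessed from the request) and the hardened one ($g_path defined in
// config_inc.php, base URL fixed by configuration).

// Weak (assumed model): derive the base URL from the request that triggered
// the reset. HTTP_HOST is copied from the client's Host header, so the client
// decides where the emailed link points.
function base_path_from_request(array $server): string {
    $scheme = (!empty($server['HTTPS']) && $server['HTTPS'] !== 'off') ? 'https' : 'http';
    return $scheme . '://' . $server['HTTP_HOST'] . '/mantis/';
}

// Hardened: take the base URL from $g_path only. Falling back to the request
// when $g_path is empty reproduces the weak behaviour, which is exactly why
// the advisory says to define it.
function base_path_from_config(?string $g_path, array $server): string {
    if ($g_path === null || $g_path === '') {
        return base_path_from_request($server);
    }
    return rtrim($g_path, '/') . '/';
}

// 'reset.php?token=' is a hypothetical reset page name, not MantisBT's.
function reset_link(string $base_path, string $token): string {
    return $base_path . 'reset.php?token=' . rawurlencode($token);
}

// Constructed request: the Host header names a domain that is not ours.
$request = ['HTTP_HOST' => 'tracker.example.net', 'HTTPS' => 'on'];
$token   = 'constructed-token';

// Weak: config_inc.php without $g_path; the link goes wherever Host says.
echo reset_link(base_path_from_config(null, $request), $token), PHP_EOL;
// prints https://tracker.example.net/mantis/reset.php?token=constructed-token

// Hardened: config_inc.php with $g_path = 'https://bugs.example.org/mantis/';
// the Host header no longer influences the link.
echo reset_link(base_path_from_config('https://bugs.example.org/mantis/', $request), $token), PHP_EOL;
// prints https://bugs.example.org/mantis/reset.php?token=constructed-token
```

When auditing an installation, the check is simply whether config_inc.php assigns $g_path a fixed URL for the instance rather than leaving it to be detected.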
Thanks to the following security researchers for responsibly reporting and helping resolve this vulnerability.