3 matches found
PT-2025-44804
Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker versions 2.27.1 and below Description Mantis Bug Tracker is an open source issue tracker. When a user modifies their profile to update their email address, the system saves the change without verifying ownership. This can le...
PT-2023-8977 · Grafana +3 · Grafana +3
Name of the Vulnerable Software and Affected Versions: Grafana affected versions not specified Description: The issue is related to a weakness in the authentication mechanism of Grafana, specifically with the verify email enabled option. This option only validates email addresses during the sign-...
CVE-2019-10673
A CSRF vulnerability in a logged-in user's profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. This occurs because the attacker can change the e-mail address in the...