b2evolution Arbitrary User Password Reset Vulnerability
b2evolution is a PHP and MySQL based blogging software developed by software developer Francois Planque. A security vulnerability exists in the 'lost password' feature in b2evolution versions prior to 6.7.9. The vulnerability can be exploited by a remote attacker to reset the password of any user...