{"uuid": "37cc5b3b-34fd-43d2-9292-96cc33900f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23830", "type": "seen", "source": "https://t.me/arpsyndicate/3785", "content": "#ExploitObserverAlert\n\nCVE-2024-23830\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-23830. MantisBT is an open source issue tracker. Prior to version 2.26.1, an unauthenticated attacker who knows a user's email address and username can hijack the user's account by poisoning the link in the password reset notification message. A patch is available in version 2.26.1. As a workaround, define `$g_path` as appropriate in `config_inc.php`.", "creation_timestamp": "2024-02-21T13:55:09.000000Z"}