{"vulnerability": "CVE-2024-23830", "sightings": [{"uuid": "37cc5b3b-34fd-43d2-9292-96cc33900f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23830", "type": "seen", "source": "https://t.me/arpsyndicate/3785", "content": "#ExploitObserverAlert\n\nCVE-2024-23830\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-23830. MantisBT is an open source issue tracker. Prior to version 2.26.1, an unauthenticated attacker who knows a user's email address and username can hijack the user's account by poisoning the link in the password reset notification message. A patch is available in version 2.26.1. As a workaround, define `$g_path` as appropriate in `config_inc.php`.", "creation_timestamp": "2024-02-21T13:55:09.000000Z"}, {"uuid": "3e8ba5de-bd37-4ecf-82b6-5df57ed5c831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23830", "type": "seen", "source": "https://t.me/ctinow/189000", "content": "https://ift.tt/8TVIWck\nCVE-2024-23830", "creation_timestamp": "2024-02-20T23:26:54.000000Z"}, {"uuid": "420176a6-3a90-4e01-88ec-18882fabdc94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23830", "type": "seen", "source": "https://t.me/ctinow/189008", "content": "https://ift.tt/8TVIWck\nCVE-2024-23830", "creation_timestamp": "2024-02-20T23:27:07.000000Z"}]}