B2evolution : Security Vulnerabilities, CVEs, Published In 2016
The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request.
Max CVSS
7.5
EPSS Score
0.35%
Published
2016-12-02
Updated
2017-07-28
1 vulnerabilities found