Snitz Forums Password.ASP Password-Reset Vulnerability

info
discussion
exploit
solution
references

Snitz Forums Password.ASP Password-Reset Vulnerability

Snitz Forums has been reported prone to a password-reset vulnerability. It has been reported that by requesting a forgotten password, an attacker may reset arbitrary account passwords.

This issue was reported in Snitz Forums 3.4.0.3, other versions might also be affected.