Active Bulletin Board Arbitrary User Password Change Vulnerability

Active Bulletin Board is prone to a vulnerability that may permit attackers to change arbitrary
passwords.

Exploiting this issue may allow an attacker to change an arbitrary user's password, bypass the authentication mechanism, and gain unauthorized access to the affected application. This may lead to other attacks.

Active Bulletin Board version 1.1 beta2 is affected by this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus