MantisBT: master-2.26 92d11a01
| Author | Committer | Branch | Timestamp | Parent |
|---|---|---|---|---|
| dregad | dregad | master-2.26 | 2024-05-05 20:09 | master-2.26 0a505623 |
| Affected Issues | 0034433: CVE-2024-34077: Account Takeover in Password Reset and Account Registration Feature | |||
| Changeset | Validate confirm hash when updating account This prevents an attacker from resetting another user's password if they Fixes 0034433, CVE-2024-xxxxx |
|||
| mod - account_update.php | Diff File | |||
| mod - verify.php | Diff File | |||
