Administrator password reset

XMLWordPrintable

      An unauthenticated user is able to set the admin password of FishEye to any value, gaining admin access to the FishEye instance as a result.

      The vulnerability affects FishEye version 3.x. Versions earlier than 3.0 are not vulnerable. The vulnerability has been fixed in recent releases 3.0.4, 3.1.7, 3.2.5, 3.3.4, 3.4.4, 3.5.0.

      For additional details see the full advisory

              Assignee:
              Conor (Inactive)
              Reporter:
              VitalyA
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: