[HIGH] Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process

PKSA-vn99-1c14-x82z CVE-2024-34077 GHSA-93x3-m7pw-ppqm

Affected package: mantisbt/mantisbt

Affected version: <=2.26.1

Reported by:
GitHub