Description
MyBB 1.8.19 allows remote attackers to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bliss Gallery Arbitrary File Upload (2.3)
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (7.2.04)
Django Improper Authentication Vulnerability (CVE-2014-0482)
PHP Other Vulnerability (CVE-2014-4670)
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.4.4)