From 5648fe06ceae34cd40ecd10f7cfc8b3434098fcf Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Sun, 19 Jun 2022 11:23:34 -0400
Subject: [PATCH] Enhancement: cves/2017/CVE-2017-7615.yaml by mp

---
 cves/2017/CVE-2017-7615.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cves/2017/CVE-2017-7615.yaml b/cves/2017/CVE-2017-7615.yaml
index 2c4e7785e0..f1c89e217f 100644
--- a/cves/2017/CVE-2017-7615.yaml
+++ b/cves/2017/CVE-2017-7615.yaml
@@ -6,7 +6,7 @@ id: CVE-2017-7615
 # MantisBT before 1.3.10, 2.2.4, and 2.3.1, that can be downloaded on reference[1].
 
 info:
-  name: MantisBT <=2.30 - Arbitrary Password Reset and Unauthenticated Admin Access
+  name: MantisBT <=2.30 - Arbitrary Password Reset/Admin Access
   author: bp0lr,dwisiswant0
   severity: high
   description: MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
@@ -15,6 +15,7 @@ info:
     - http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt
     - https://www.exploit-db.com/exploits/41890
     - http://www.openwall.com/lists/oss-security/2017/04/16/2
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-7615
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -42,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19