GHSA-p5h2-vr99-xm99: 
PHP vulnerability analysis and mitigation

The vulnerability (GHSA-p5h2-vr99-xm99) titled 'ChangePasswordForm does not check Member::canLogIn()' was discovered in the Silverstripe framework. The issue was identified and disclosed on August 15, 2016, affecting multiple versions of the framework including 3.1.19, 3.2.4, 3.3.2, and 3.4.0. The vulnerability was assigned a moderate severity rating with a CVSS score of 4.3 (GitHub Advisory).

The vulnerability exists in the ChangePasswordForm::doChangePassword() function where the system logs in the user after a password reset without properly checking Member::canLogIn(). The Member::canLogIn() method was originally designed to verify if a user was locked out due to excessive login attempts, but its functionality had been expanded to include other access control checks. The vulnerability has a CVSS v3 base score of 4.3, with attack vector being Network, attack complexity Low, and requiring Low privileges (GitHub Advisory).

This vulnerability could be exploited as a way to bypass login restrictions by using the change password feature to log in users who are otherwise unable to access the system. This affects scenarios where users have not been approved or have had their access temporarily revoked (Silverstripe Security).

The vulnerability has been patched in versions 3.1.20, 3.2.5, 3.3.3, and 3.4.1. Users are advised to upgrade to these fixed versions to prevent potential exploitation (Silverstripe Security).