PhpBB 3.2.8 Cross-Site Request Forgery (CSRF) Vulnerability

Summary

PhpBB 3.2.8 suffers from cross-site request forgery (CSRF) vulnerability

Credit:

The information has been provided by Marc

The original article can be found at:https://www.phpbb.com/community/viewtopic.php?f=14&t=2534536


Details

PhpBB 3.2.8 allows a CSRF attack that can modify a group avatar.

 

Vulnerable Systems:

PhpBB 3.2.8

 

CVE Information:

CVE-2020-5501

 

Disclosure Timeline:
Published Date:1/14/2020

Categories: News