Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-1432

Опубликовано: 10 фев. 2015
Источник: debian
EPSS Низкий

Описание

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpbb3fixed3.0.12-4package
phpbb3fixed3.0.10-4+deb7u2wheezypackage
phpbb3no-dsasqueezepackage

Примечания

  • https://tracker.phpbb.com/browse/PHPBB3-13526

EPSS

Процентиль: 66%
0.00508
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-1432

ubuntu
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

nvd логотип

CVE-2015-1432

nvd
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

github логотип

GHSA-m45m-xf2m-pmfw

github
больше 3 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

EPSS

Процентиль: 66%
0.00508
Низкий