Описание
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Ссылки
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:allaire:forums:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:allaire:forums:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:allaire:forums:3.0:*:*:*:*:*:*:*
cpe:2.3:a:allaire:forums:3.1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00806
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
EPSS
Процентиль: 73%
0.00806
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other