Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-1432

Опубликовано: 10 фев. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8

Описание

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

not-affected

3.0.12-4
esm-infra-legacy/trusty

released

3.0.12-1ubuntu0.1~esm1
lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00508
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2015-1432

nvd
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

debian логотип

CVE-2015-1432

debian
почти 11 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in php ...

github логотип

GHSA-m45m-xf2m-pmfw

github
больше 3 лет назад

The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.

EPSS

Процентиль: 66%
0.00508
Низкий

6.8 Medium

CVSS2