Yazd » Yazd Discussion Forum : Security Vulnerabilities, CVEs,
Yazd Discussion Forum before 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related to an "error in how the permissions were assembled" that assigns extra permissions to users.
Max CVSS
6.5
EPSS Score
0.47%
Published
2006-11-06
Updated
2017-07-20
1 vulnerabilities found