Jforum » Jforum : Security Vulnerabilities, CVEs, (CSRF)

CVE-2022-26173

JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.
Max CVSS
8.8
EPSS Score
0.17%
Published
2022-06-16
Updated
2022-06-28

CVE-2013-7209

Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Max CVSS
6.8
EPSS Score
1.00%
Published
2013-12-30
Updated
2013-12-31
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close