A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.
Max CVSS
5.8
EPSS Score
0.09%
Published
2020-08-17
Updated
2020-08-21
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships.
Max CVSS
6.5
EPSS Score
0.05%
Published
2020-01-15
Updated
2020-01-23
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.
Max CVSS
4.3
EPSS Score
0.05%
Published
2020-01-15
Updated
2020-01-23
phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) token sequence to a page through BBCode.
Max CVSS
7.5
EPSS Score
0.12%
Published
2020-03-20
Updated
2020-08-24
Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments.
Max CVSS
4.3
EPSS Score
0.05%
Published
2020-03-11
Updated
2020-03-11
5 vulnerabilities found