CVE-2015-1432
10.02.2015, 17:59
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.
Vendor | Product | Version |
---|---|---|
phpbb | phpbb | 𝑥 ≤ 3.0.12 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Common Weakness Enumeration
References