CSRF Vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta

CSRF Vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta

CVE-2005-2059 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.

Learn more about our User Device Pen Test.