Description
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter.
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2226 Vulnerability (CVE-2021-2226)
WordPress Plugin bodi0`s Easy cache Cross-Site Scripting (0.8)
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1270)
WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (4.0.9)
WordPress Plugin Shopping Cart & eCommerce Store Multiple Security Bypass Vulnerabilities (3.0.20)