Description

Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2015-2334

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2244)

WordPress Plugin Cookie Bar Cross-Site Scripting (1.8.8)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3180)

WordPress Plugin BrewMaster Multiple Cross-Site Scripting Vulnerabilities (1.0)

MediaWiki CVE-2022-41767 Vulnerability (CVE-2022-41767)

Severity

Medium

Classification

CVE-2015-2334 CWE-352

Tags

Missing Update Known Vulnerabilities