Description

Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2015-2334

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3547)

WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5)

WordPress Plugin WooCommerce Anti-Fraud Security Bypass (3.2)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1170)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9788)

Severity

Medium

Classification

CVE-2015-2334 CWE-352

Tags

Missing Update Known Vulnerabilities