Description

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.

Remediation

References

CVE-2020-5501

Related Vulnerabilities

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Unspecified Vulnerability (2.0.18)

WordPress Plugin Subscribe to Comments Unsubscribe Challenge Information Disclosure (2.0.2)

WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

WordPress Plugin Blue Admin Cross-Site Request Forgery (21.06.01)

Severity

Medium

Classification

CVE-2020-5501 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities