Description
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
Remediation
References
Related Vulnerabilities
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1535)
WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)
MediaWiki Improper Authentication Vulnerability (CVE-2014-2665)
WordPress Plugin TubePress Cross-Site Scripting (1.6.0)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1)