Description
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
Remediation
References
Related Vulnerabilities
WordPress Plugin Multiple Roles Cross-Site Request Forgery (1.3.1)
WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2)
Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2021-21615)
WordPress Plugin SMS OVH Cross-Site Scripting (0.1)
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)