Description

feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.

Remediation

References

CVE-2010-1627

Related Vulnerabilities

Phusion Passenger Other Vulnerability (CVE-2014-1831)

MediaWiki CVE-2023-22909 Vulnerability (CVE-2023-22909)

datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)

WordPress Plugin Structured Content (JSON-LD) #wpsc Cross-Site Scripting (1.5)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0212)

Severity

Medium

Classification

CVE-2010-1627 CWE-264

Tags

Missing Update Known Vulnerabilities