Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities
BID:59080
Info
Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities
| Bugtraq ID: | 59080 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 15 2013 12:00AM |
| Updated: | Apr 15 2013 12:00AM |
| Credit: | Henry Hoggard |
| Vulnerable: |
Vanilla Forums Vanilla 1.0.51 Vanilla Forums Vanilla 2.0.18.8 |
| Not Vulnerable: | |
Discussion
Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities
Vanilla Forums is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests.
Exploiting these issues may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible
Vanilla Forums 1.0.51 and 2.0.18.8 are vulnerable.
Vanilla Forums is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests.
Exploiting these issues may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible
Vanilla Forums 1.0.51 and 2.0.18.8 are vulnerable.
Solution / Fix
Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities
References:
References:
- Vanilla Forums Homepage (Vanilla Forums)