CVE-2013-7209

Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jforum:jforum:-:*:*:*:*:*:*:*

Information

Published : 2013-12-30 07:30

Updated : 2013-12-31 07:19


NVD link : CVE-2013-7209

Mitre link : CVE-2013-7209


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

jforum

  • jforum