CVE-2020-5502 - OpenCVE

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships.

No CVSS v3.0

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors	Products
Phpbb	Phpbb

Configuration 1 [-]

cpe:2.3:a:phpbb:phpbb:3.2.8:*:*:*:*:*:*:*

References

Link	Resource
https://blog.phpbb.com/category/security/	Vendor Advisory
https://www.phpbb.com/community/viewtopic.php?f=14&t=2534536	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-14T23:59:00

Updated: 2020-01-14T23:59:00

Reserved: 2020-01-05T00:00:00

Link: CVE-2020-5502

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-15T00:15:13.887

Modified: 2020-01-23T15:37:17.610

Link: CVE-2020-5502

JSON object: View

Redhat Information

No data.

CWE