30 Sep 2019
Vulnérabilité CVE-2019-16993 CVE Vulnerability
In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting them. (CVSS:0.0) (Last Update:2019-09-30)
Vulnerability Details : In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting them. Publish Date : 2019-09-30 Last Update Date : 2019-09-30 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-16993
- References For CVE-2019-16993 | |||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-16993There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |