CSRF Vulnerability in YaBB 1 GOLD SP 1.3.2 Allows Unauthorized Actions as Admin

CSRF Vulnerability in YaBB 1 GOLD SP 1.3.2 Allows Unauthorized Actions as Admin

CVE-2004-2403 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.

Learn more about our User Device Pen Test.