Inadequate Confirmation in Advanced Electron Forums (AEF) Allows CSRF Attacks

Inadequate Confirmation in Advanced Electron Forums (AEF) Allows CSRF Attacks

CVE-2011-3582 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions.

Learn more about our Web Application Penetration Testing UK.