CSRF Vulnerability in Moderator Log Notes Plugin 1.1 for MyBB
CVE-2018-11502 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:P
An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Learn more about our Web Application Penetration Testing UK.