Description
Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN71435255/index.html
Various Sources x_refsource_misc
http://www.phorum.org/phorum5/read.php?64%2C147504
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000068
Scores
EPSS
0.0059
EPSS Percentile
43.8%
Details
CWE
CWE-352
Status
published
Products (50)
phorum/phorum
3.0.7
phorum/phorum
3.1
phorum/phorum
3.1.1
phorum/phorum
3.1.1_pre
phorum/phorum
3.1.1_rc2
phorum/phorum
3.1.1a
phorum/phorum
3.1.2
phorum/phorum
3.2
phorum/phorum
3.2.2
phorum/phorum
3.2.3
... and 40 more
Published
Sep 08, 2011
Tracked Since
Feb 18, 2026