CVE-2018-15569

MEDIUM

my_little_forum 2.4.12 - Cross-Site Request Forgery for User Deletion

Title source: llm
STIX 2.1

Description

my little forum 2.4.12 allows CSRF for deletion of users.

References (1)

Core 1
Core References
Third Party Advisory, URL Repurposed x_refsource_misc
http://owendarlene.com/csrf-my-little-forum/

Scores

CVSS v3 6.5
EPSS 0.0041
EPSS Percentile 33.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
mylittleforum/my_little_forum 2.4.12
Published Aug 20, 2018
Tracked Since Feb 18, 2026