MaxWebPortal 1.30 allows remote malicious users to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|