Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads prior to 6.5.2 Beta allow remote malicious users to modify settings as another user via a link or IMG tag.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ubbcentral ubb.threads |