Cross-site request forgery (CSRF) vulnerability in account/settings/account/index.php in phpFoX 1.6.21 allows remote malicious users to hijack the authentication of administrators for requests that change the email address via the act[update] action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpfox phpfox 1.6.2.1 |