feed.php in phpBB 3.0.7 prior to 3.0.7-PL1 does not properly check permissions for feeds, which allows remote malicious users to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpbb phpbb 3.0.7 |