JForum v2.8.0 exists to contain a Cross-Site Request Forgery (CSRF) via target_host:port/jforum-2.8.0/jforum.page, which allows malicious users to arbitrarily add admin accounts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jforum jforum 2.8.0 |