Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote malicious users to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jforum jforum - |