CVE-2004-2403

2005-08-1704:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.

References

archives.neohapsis.com/archives/bugtraq/2004-09/0227.html

secunia.com/advisories/12593

www.osvdb.org/10243

www.securityfocus.com/bid/11214

exchange.xforce.ibmcloud.com/vulnerabilities/17453