CVE-2008-1323

Properties

Published:
12.03.2008
Updated:
15.03.2008
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Product:
WoltLab: Burning Board Lite

Vulnerability description

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board Lite (wBB) 2 Beta 1 allows remote attackers to delete threads as other users via the ThreadDelete action.

References:

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/489294/100/0/threaded
XF: http://xforce.iss.net/xforce/xfdb/41098