CVE-2018-7305 | SynScan

Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2018-7305

MyBB 1.8.14 is not checking for a valid CSRF token, leading to arbitrary deletion of user accounts.

Published: Feb 21, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-7305
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
mybb / mybb	1.8.14	1.8.14.x

https://websecnerd.blogspot.in/2018/02/mybb-forum-1_21.html