7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.6%
Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages.
secunia.com/advisories/28847
sourceforge.net/project/shownotes.php?release_id=575358
exchange.xforce.ibmcloud.com/vulnerabilities/40518