3 matches found
CVE-2014-6299
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
CVE-2014-6299
The CVE-2014-6299 entry concerns the TYPO3 extension mm_forum. A CSRF vulnerability existed in mm_forum up to version 1.9.2 that allowed remote attackers to hijack user authentication for requests that create posts. The TYPO3 security bulletin (TYPO3-EXT-SA-2014-001) confirms this class of vulner...
Several vulnerabilities in extension mm_forum (mm_forum)
It has been discovered that the extension "mmforum" mmforum is vulnerable to Arbitrary Code Execution, Cross-Site Scripting and Cross-Site Request Forgery Release Date: February 12, 2014 Bulletin update: September 18, 2014 added CVEs Component Type: Third party extension. This extension is not a...