1 matches found
CVE-2018-1000503
MyBB before 1.8.15 contains an Incorrect Access Control vulnerability in private forums that can allow viewing private forum posts without a password via an IDOR-like subscribe-to-forum action; fixed in 1.8.15.