CVE-2022-3978
CVE-2022-3978 affects NodeBB up to version 2.5.7, with CSRF vulnerability in the /register/abort path that can be triggered remotely. The issue is resolved by upgrading to 2.5.8, with patch identifier 2f9d8c350e54543f608d3d4c8e1a49bbb6cdea38. Connected sources consistently describe a cross‑site r...