flarum/core is vulnerable to cross-site request forgery (CSRF). The application was not able to determine the authenticity and origin of requests received due to a lack of anti-CSRF tokens. This allows remote attackers to submit unwanted requests on behalf of users when the users are tricked into visiting a malicious web page.
CPE | Name | Operator | Version |
---|---|---|---|
flarum/core | le | 0.1.0-beta.8.2 |