VYPR
Medium severity4.3NVD Advisory· Published Aug 26, 2018· Updated Jun 17, 2026

CVE-2018-15833

CVE-2018-15833

Description

In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items).

Affected products

2
  • Vanilla OS/Vanillainferred2 versions
    <2.6.1+ 1 more
    • (no CPE)range: <2.6.1
    • (no CPE)range: <2.6.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.