Moderate severityNVD Advisory· Published Jan 14, 2020· Updated Aug 4, 2024
CVE-2020-5501
CVE-2020-5501
Description
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpbb/phpbbPackagist | >= 3.2.8, < 3.2.9 | 3.2.9 |
Affected products
3- phpBB/phpBBdescription
- osv-coords2 versions
>= 3.2.8, <= 3.2.8+ 1 more
- (no CPE)range: >= 3.2.8, <= 3.2.8
- (no CPE)range: >= 3.2.8, < 3.2.9
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-cpqc-g4r8-6hxgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-5501ghsaADVISORY
- blog.phpbb.com/category/securityghsaWEB
- blog.phpbb.com/category/security/mitrex_refsource_MISC
- www.phpbb.com/community/viewtopic.phpghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.