Bitnami package
phpbb
pkg:bitnami/phpbb
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5917 | — | < 3.3.11 | 3.3.11 | Nov 2, 2023 | A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acp_icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. | ||
| CVE-2020-8226 | — | < 3.2.10 | 3.2.10 | Aug 17, 2020 | A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF. | ||
| CVE-2020-5502 | — | >= 3.2.8, <= 3.2.8 | — | Jan 14, 2020 | phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships. | ||
| CVE-2020-5501 | — | >= 3.2.8, <= 3.2.8 | — | Jan 14, 2020 | phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. |
- CVE-2023-5917Nov 2, 2023affected < 3.3.11fixed 3.3.11
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acp_icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting.
- CVE-2020-8226Aug 17, 2020affected < 3.2.10fixed 3.2.10
A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.
- CVE-2020-5502Jan 14, 2020affected >= 3.2.8, <= 3.2.8
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships.
- CVE-2020-5501Jan 14, 2020affected >= 3.2.8, <= 3.2.8
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.