RSS   Vulnerabilities for 'Admin notes'   RSS

2018-05-21
 
CVE-2018-11092

CWE-352
 

 
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.

 


Copyright 2018, cxsecurity.com

 

Back to Top