QwikSec

Security Database

CVE

CWE

Training

CVE-2024-38457

Published: Jun 16, 2024

Modified: Aug 2, 2024

PUBLISHED

Description

Xenforo before 2.2.16 allows CSRF.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://xenforo.com/community/threads/xenforo-2-1-15-patch-1-2-2-16-patch-2-and-xenforo-media-gallery-2-1-9-2-2-6-released-includes-security-fixes.222133/

20240716 [KIS-2024-05] XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.