Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phorum | Phorum | * | 5.1.20 (including) |