Vulnerabilities > Flarum

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-07	CVE-2019-13183	Cross-Site Request Forgery (CSRF) vulnerability in Flarum 0.1.0 Flarum before 0.1.0-beta.9 allows CSRF against all POST endpoints, as demonstrated by changing admin settings. network low complexity flarum CWE-352	8.8
2019-04-25	CVE-2019-11514	Incomplete Cleanup vulnerability in Flarum 0.1.0 User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mishandles invalidation of user email tokens. network low complexity flarum CWE-459	7.5
2018-11-09	CVE-2018-19133	Information Exposure vulnerability in Flarum 0.1.0 In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address. network low complexity flarum CWE-200	5.3

Vulnerabilities > Flarum {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Flarum"}]}