Vulnerabilities > Jforum > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2022-26173 Cross-Site Request Forgery (CSRF) vulnerability in Jforum 2.8.0
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.
network
low complexity
jforum CWE-352
8.8
8.8