rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2010-10-27T22:00:00Z
Updated: 2024-09-16T20:31:51.958Z
Reserved: 2010-10-01T00:00:00Z
Link: CVE-2010-3713
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-10-28T00:00:04.297
Modified: 2024-11-21T01:19:26.980
Link: CVE-2010-3713
Redhat
No data.