CVE-2008-6507: phpBB vulnerable to sensitive information disclosure
(updated )
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum.
References
- github.com/advisories/GHSA-jw8f-q84g-r3vm
- github.com/phpbb/phpbb-app
- github.com/phpbb/phpbb-app/commit/fce23bc91b1e325eb65a2515cf8ae13e180023e9
- github.com/phpbb/phpbb/commit/866e4196f4f50a41a1f176a17cc56609a13d4a10
- github.com/phpbb/phpbb/commit/a0c9705bb7d3e203324d777782a6915bf5eee1d1
- nvd.nist.gov/vuln/detail/CVE-2008-6507
Detect and mitigate CVE-2008-6507 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →