What the vulnerability does
01Description
Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum asgaros-forum allows Identity Spoofing.This issue affects Asgaros Forum: from n/a through <= 3.0.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum asgaros-forum allows Identity Spoofing.This issue affects Asgaros Forum: from n/a through <= 3.0.0.
Explanation of Vulnerability in Simple Terms
Asgaros Forum versions up to 3.0.0 contain an authentication bypass or privilege escalation vulnerability that allows low-privileged users to modify data they should not have access to. The vulnerability requires an attacker to be logged in and does not require user interaction from victims. Integrity of forum data can be compromised.
What an attacker can do
A logged-in user can modify forum data or settings they should not have permission to change.
Potential impact on your site
Forum data integrity may be compromised; users with low privileges could alter posts, settings, or other content.
Conditions required to exploit
Attacker must have a valid user account on the forum (low privilege level).
Key dates
External resources
Related vulnerabilities