Security Advisories - phpbb/phpbb - Packagist

phpbb/phpbb Security Advisories for 3.2.7 (5)

[HIGH] phpBB arbitrary CSS injection

PKSA-b3tk-777y-1fwc CVE-2019-16108 GHSA-8hc2-hvrc-x4qr

Affected version: =3.2.7

Reported by:
GitHub
[MEDIUM] phpBB Cross-Site Request Forgery (CSRF)

PKSA-z6dh-45h4-1nm6 CVE-2019-16107 GHSA-wg24-9xm9-593v

Affected version: =3.2.7

Reported by:
GitHub
[MEDIUM] phpBB allows CSRF

PKSA-tqfr-br33-x7t7 CVE-2020-5502 GHSA-69q7-hww4-8pjq

Affected version: <=3.2.8

Reported by:
GitHub
[MEDIUM] phpBB Cross-Site Request Forgery (CSRF)

PKSA-q7ss-3rhj-ddrt CVE-2019-13376 GHSA-6mh2-98gr-wv76

Affected version: <=3.2.7

Reported by:
GitHub
[MEDIUM] Vulnerability which allows remote image dimensions check to be used to SSRF

PKSA-fvv8-yym2-vcvr CVE-2020-8226 GHSA-jhm9-h84h-rw83

Affected version: >=3.2.0,<3.2.10|>=3.3.0,<3.3.1

Reported by:
GitHub, FriendsOfPHP/security-advisories