{"id":"BIT-phpbb-2020-5501","details":"phpBB 3.2.8 allows a CSRF attack that can modify a group avatar.","aliases":["CVE-2020-5501","GHSA-cpqc-g4r8-6hxg"],"modified":"2024-04-24T17:57:32.444255Z","published":"2024-03-06T11:01:53.606Z","database_specific":{"cpes":["cpe:2.3:a:phpbb:phpbb:3.2.8:*:*:*:*:*:*:*"],"severity":"Medium"},"references":[{"type":"WEB","url":"https://blog.phpbb.com/category/security/"},{"type":"WEB","url":"https://www.phpbb.com/community/viewtopic.php?f=14&t=2534536"}],"affected":[{"package":{"name":"phpbb","ecosystem":"Bitnami","purl":"pkg:bitnami/phpbb"},"ranges":[{"type":"SEMVER","events":[{"introduced":"3.2.8"},{"last_affected":"3.2.8"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/phpbb/BIT-phpbb-2020-5501.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}]}],"schema_version":"1.7.3"}