PT-2005-3001 · Infopop · Ubb.Threads

Published: 2005-06-28 · Updated: 2024-02-08 · CVE-2005-2059

CVSS v2.0: 5.0 Medium
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Infopop UBB.Threads versions prior to 6.5.2 Beta
Description: The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities found in several PHP files, including addaddress.php, toggleignore.php, removeignore.php, and removeaddress.php. These vulnerabilities allow remote attackers to modify settings as another user via a link or IMG tag.
Recommendations: For versions prior to 6.5.2 Beta, update to version 6.5.2 Beta or later to resolve the issue. As a temporary workaround, consider restricting access to the affected PHP files until a patch is applied. Avoid using links or IMG tags that could potentially exploit the CSRF vulnerabilities in the affected files.

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers: CVE-2005-2059

Affected Products: Ubb.Threads