PT-2008-2104 · Woltlab · Woltlab Burning Board

Nbbn · Published 2008-01-29 · Updated 2018-10-15 · CVE-2008-0472

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Woltlab Burning Board (wBB) version 2.3.6 PL2

Description

A cross-site request forgery (CSRF) issue exists, allowing remote attackers to perform actions such as deleting threads, potentially impersonating moderators or administrators.

Recommendations

For version 2.3.6 PL2, consider implementing validation for requests to prevent unauthorized actions, such as verifying the origin of the request to prevent CSRF attacks. As a temporary workaround, restrict access to the modcp.php file, specifically the thread_del action, to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2008-0472

Affected Products

Woltlab Burning Board