[-] Product Description:
MyBB-2FA is an unmaintained MyBB plugin that allows MyBB admins to enable Two Factor Authentication in for their forums users.
[-] Vulnerability Type:
Cross Site Request Forgery
[-] Impact and more info:
[-] Vulnerable Request Type:
[-] Vulnerable Module/Parameter/Path:
[-] Proof of Concept URL:
[-] Fix Suggestion:
Implement an Anti-CSRF token to protect forging requests
[-] Product URL(s):
This bug is subject to Seekurity SAS de C.V. responsible disclosure rules which is a 90-day-disclosure-deadline. After 90 days elapse or a patch has been made broadly available, the bug details will become visible to the public through our official communication channels.
A minute if you please!
Building a website, an application or any kind of business? Or already have one? Worried about your security? Think twice before going public and let us protect your business!
Advisory: Authentication extension Factor MyBB Two Vulnerabilities