Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2018-15833 - Vulnerability Database
Vanilla Forums

Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2018-15833

Medium
Reference: CVE-2018-15833
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15833
Title: Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability
Overview:

In Vanilla before 2.6.1 the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID leading to the ability of a single user to select multiple Poll Options (e.g. vote for multiple items).