CSRF in phpBB, and probably a lot of other CMS software.

Major forums such as vBulletin and Invision Power Board have recently altered a lot of their codebase to require a security token to prevent their previous vulnerability to CSRF (Cross Site Request Forgery). Unfortunately, phpBB seems to be lagging behind a little and has not yet added this feature. To test, I set up phpBB… Read More CSRF in phpBB, and probably a lot of other CMS software.