cpe:/a:lussumo:vanilla:0.9.2 cpe:/a:lussumo:vanilla:1 cpe:/a:lussumo:vanilla:1.0.1 cpe:/a:lussumo:vanilla:1.0.2 cpe:/a:lussumo:vanilla:1.0.3 cpe:/a:lussumo:vanilla:1.1 cpe:/a:lussumo:vanilla:1.1.1 cpe:/a:lussumo:vanilla:1.1.2 cpe:/a:lussumo:vanilla:1.1.3 cpe:/a:lussumo:vanilla:1.1.4 CVE-2008-3759 2008-08-21T13:41:00.000-04:00 2017-08-07T21:32:08.843-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-21T14:17:00.000-04:00 ALLOWS_OTHER_ACCESS SECUNIA 31527 CONFIRM http://lussumo.com/bugs/discussion/91/ajaxupdatecheckphp-csrf-vulnerability/ CONFIRM http://lussumo.com/community/discussion/8559/vanilla-115-release-candidate-1/ CONFIRM http://lussumo.com/docs/doku.php?id=vanilla:releasenotes XF vanilla-updatecheck-people-csrf(44558) Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and earlier has unknown impact and remote attack vectors.