2026-01-27 14:04:18
Fluid Attacks
PUBLISHED
All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.