Simple Machines Forum 2.1 prior to commit 7d048f8 and 3.0 prior to commit a7875e8 contains an authorization bypass vulnerability in Sources/Actions/AttachmentApprove.php where a single-character operator error causes the permission check to always pass regardless of user permissions. An authenticated low-privileged user can approve, reject, or delete any pending attachments on any board without holding the required approve_posts permission, bypass moderation queues for their own uploads, and enumerate and delete other users' pending attachments.
References
Configurations
No configuration.
History
14 Jul 2026, 20:16
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) Simple Machines Forum 2.1 prior to commit 7d048f8 and 3.0 prior to commit a7875e8 contains an authorization bypass vulnerability in Sources/Actions/AttachmentApprove.php where a single-character operator error causes the permission check to always pass regardless of user permissions. An authenticated low-privileged user can approve, reject, or delete any pending attachments on any board without holding the required approve_posts permission, bypass moderation queues for their own uploads, and enumerate and delete other users' pending attachments. |
10 Jul 2026, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-10 17:16
Updated : 2026-07-14 21:16
NVD link : CVE-2026-39903
Mitre link : CVE-2026-39903
CVE.ORG link : CVE-2026-39903
JSON object : View
Products Affected
No product.
CWE
CWE-863
Incorrect Authorization
