Privilege Escalation Vulnerability in phpBB Administration Control Panel
CVE-2026-47366
7.2HIGH
What is CVE-2026-47366?
A flaw in the phpBB Administration Control Panel (ACP) allows authenticated administrators to override their authorized access permissions. This improper verification of access can enable an administrator to grant themselves or other users elevated permissions beyond their intended rights, leading to potential exploitation within the administrative interface. It's crucial for phpBB users to ensure they are using secure configurations and to update to the latest versions to mitigate such risks.
Affected Version(s)
phpBB 3.3.0 <= 3.3.16
