Simple Machines Forum Moderation Zone Information Disclosure Vulnerability

Simple Machines Forum Moderation Zone Information Disclosure Vulnerability

Simple Machines Forum is prone to an information-disclosure vulnerability because it includes session credentials in the URL in certain circumstances.

An attacker can exploit this issue to gain access to valid session credentials; this may aid in further attacks.

Simple Machines Forum 2.0 is vulnerable; other versions may also be affected.