CNNVD-202508-330 Information
CNNVD ID
CNNVD-202508-330
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
pybbs是iuiu个人开发者的一个Java开发的社区平台。 pybbs 6.0.0及之前版本存在代码注入漏洞,该漏洞源于文件/admin/tag/list中参数Name处理不当,可能导致跨站脚本攻击。
Description (English)
Pybbs is a community platform developed by Java, an iuiu personal developer. Pybbs 6.0.0 and previous versions have a code injection loophole, which stems from the mishandling of the parameter in the file/admin/tag/listName, which may result in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/atjiu/pybbs/issues/205#issuecomment-3134773883 https://github.com/atjiu/pybbs/commit/2fe4a51afbce0068c291bc1818bbc8f7f3b01a22 https://vuldb.com/?ctiid.318681 https://vuldb.com/?submit.622196 https://vuldb.com/?id.318681 https://github.com/atjiu/pybbs/issues/205#issue-3256416772 https://access.redhat.com/security/cve/cve-2025-8552
Share on: