CNNVD-202508-873 Information
CNNVD ID
CNNVD-202508-873
Related CVE
- CNNVD Published: 2025-08-10
Description (Chinese)
pybbs是iuiu个人开发者的一个Java开发的社区平台。 pybbs 6.0.0及之前版本存在输入验证错误漏洞,该漏洞源于文件src/main/java/co/yiiu/pybbs/controller/front/IndexController.java中函数changeLanguage参数referer导致开放重定向,可能导致远程攻击。
Description (English)
Pybbs is a community platform developed by Java, an iuiu personal developer. Pybbs 6.0.0 & previous versions have input error loopholes that originate from document src/main/java/co/yiu/pybbs/controller/front/IndexController.java ’ s function ChangeLanguage parameter results in open redirection and may lead to a remote attack.
Hazard Level
Critical
Vulnerability Type
输入验证错误
Affected Vendor
个人开发者
Published
2025-08-10
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.319342 https://github.com/atjiu/pybbs/issues/210#issuecomment-3134906856 https://github.com/atjiu/pybbs/issues/210#issue-3256474679 https://vuldb.com/?id.319342 https://vuldb.com/?submit.622333 https://github.com/atjiu/pybbs/commit/edb14ff13e9e05394960ba46c3d31d844ff2deac https://access.redhat.com/security/cve/cve-2025-8813 https://nvd.nist.gov/vuln/detail/CVE-2025-8813
Share on: