CNNVD-202511-2705 Information

CNNVD ID

CNNVD-202511-2705

Related CVE

CVE-2025-51741

• CNNVD Published: 2025-11-25

Description (Chinese)

Echo是Veal98个人开发者的一套前后端不分离的开源社区系统。 Echo 2.2版本至2.3版本存在安全漏洞，该漏洞源于sendEmailCodeForResetPwd端点允许未经认证的攻击者发送验证邮件，可能导致拒绝服务。

Description (English)

Echo is an open-source community system of Veal98 individual developers that is not separated. There is a security loophole in versions Echo 2.2 to 2.3, which stems from the fact that the sendEmailCodeForResetPwd end point allows unauthorized assailants to send authentication mail, which may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-25

Last Modified

2026-02-24

References

http://echo.com https://gist.github.com/Paxsizy/9d92e8746778cf0926705d89b4f3618c https://github.com/Veal98/Echo