CNNVD-202601-2093 Information

CNNVD ID

CNNVD-202601-2093

Related CVE

CVE-2022-50910

• CNNVD Published: 2026-01-13

Description (Chinese)

Beehive Forum是Beehive开源的一个论坛系统。 Beehive Forum 1.5.2版本存在授权问题漏洞，该漏洞源于忘记密码功能存在主机标头注入，可能导致攻击者拦截密码重置令牌并更改账户密码。

Description (English)

Beehive Forum is an open-source forum system for Beehive. Version 1.5.2 of Beehive Forum has a mandate gap, which stems from the forgetting that the password function has been injected into the host header, which could lead the assailant to intercept the password resetting and change the account password.

Hazard Level

Medium

Vulnerability Type

授权问题

Affected Vendor

Beehive

Published

2026-01-13

Last Modified

2026-02-24

References

https://imgur.com/a/hVlgpCg https://sourceforge.net/projects/beehiveforum/ https://www.beehiveforum.co.uk/ https://www.exploit-db.com/exploits/50923 https://www.vulncheck.com/advisories/beehive-forum-account-takeover