CVE-2022-25091 Information

Description

Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.

Reference

https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html https://web.archive.org/web/20030207100935/ https://marc.info/?l=vuln-dev&m=97486849231786&w=2 http://www.infopop.com/support/ubbclassic/version5.html https://vulners.com/securityvulns/SECURITYVULNS:DOC:954