CVE-2023-34249 Information

Description

benjjvi/PyBB is an open source bulletin board. Prior to commit dcaeccd37198ecd3e41ea766d1099354b60d69c2 benjjvi/PyBB is vulnerable to SQL Injection. This vulnerability has been fixed as of commit dcaeccd37198ecd3e41ea766d1099354b60d69c2. As a workaround a user may be able to update the software manually to avoid this problem by sanitizing user queries to BulletinDatabaseModule.py.

Reference

https://github.com/benjjvi/PyBB/security/advisories/GHSA-5qrx-fgxq-95gg https://github.com/benjjvi/PyBB/commit/dcaeccd37198ecd3e41ea766d1099354b60d69c2