← Zuruck zu CVEs

CVE-2025-8813

LOW

3.5

Beschreibung

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front/IndexController.java. The manipulation of the argument referer leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as edb14ff13e9e05394960ba46c3d31d844ff2deac. It is recommended to apply a patch to fix this issue.

CVE Details

CVSS v3.1 Bewertung3.5

SchweregradLOW

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionREQUIRED

Veroffentlicht8/10/2025

Zuletzt geandert9/2/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

pybbs_project:pybbs

Schwachen (CWE)

CWE-601

Referenzen

https://github.com/atjiu/pybbs/commit/edb14ff13e9e05394960ba46c3d31d844ff2deac(cna@vuldb.com)

https://github.com/atjiu/pybbs/issues/210(cna@vuldb.com)

https://github.com/atjiu/pybbs/issues/210#issue-3256474679(cna@vuldb.com)

https://github.com/atjiu/pybbs/issues/210#issuecomment-3134906856(cna@vuldb.com)

https://vuldb.com/?ctiid.319342(cna@vuldb.com)

https://vuldb.com/?id.319342(cna@vuldb.com)

https://vuldb.com/?submit.622333(cna@vuldb.com)

https://github.com/atjiu/pybbs/issues/210(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://github.com/atjiu/pybbs/issues/210#issue-3256474679(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://github.com/atjiu/pybbs/issues/210#issuecomment-3134906856(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.