CVE-2025-12297

atjiu pybbs UserApiController.java information disclosure

CVSS 5.3 MEDIUMEPSS 0.3%CWE-200 CWE-284

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Produtos afetados

atjiu · pybbs

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://vuldb.com/?ctiid.329965 https://vuldb.com/?id.329965 https://vuldb.com/?submit.675906 https://www.yuque.com/yuqueyonghutxhnup/pbbo84/ruh1cg5isrmugkh3?singleDoc