CVE-2025-21623

ClipBucket V5 Unauthenticated Template Directory Update to Denial-of-Service

CVSS 7.5 HIGHEPSS 1.1%CWE-22 CWE-306

ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

MacWarrior · clipbucket-v5

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/MacWarrior/clipbucket-v5/commit/75d663f010cd8569eb9e278f030838174fb30188 https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-ffhj-hprx-7qvr