Описание
DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "space" user.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 1.07 (включая)
cpe:2.3:a:deluxebb:deluxebb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00713
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
около 3 лет назад
DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "space" user.
EPSS
Процентиль: 71%
0.00713
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other