CVE-2022-25091

Опубликовано: 27 апр. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.

Ссылки

http://www.infopop.com/support/ubbclassic/version5.html
Broken Link
https://marc.info/?l=vuln-dev&m=97486849231786&w=2
Mailing List
https://vulners.com/securityvulns/SECURITYVULNS:DOC:954
Mailing List
https://web.archive.org/web/20030207100935/
Not Applicable
https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html
Release Notes
http://www.infopop.com/support/ubbclassic/version5.html
Broken Link
https://marc.info/?l=vuln-dev&m=97486849231786&w=2
Mailing List
https://vulners.com/securityvulns/SECURITYVULNS:DOC:954
Mailing List
https://web.archive.org/web/20030207100935/
Not Applicable
https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:infopop:ultimate_bulletin_board:*:*:*:*:*:*:*:*

Версия до 5.47a (включая)

EPSS

Процентиль: 36%

0.00154

Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-863

Связанные уязвимости

GHSA-hf8v-r99v-3hq4