Vulnerability Description
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Infopop | Ultimate Bulletin Board | <= 5.47a |
Related Weaknesses (CWE)
References
- http://www.infopop.com/support/ubbclassic/version5.htmlBroken Link
- https://marc.info/?l=vuln-dev&m=97486849231786&w=2Mailing List
- https://vulners.com/securityvulns/SECURITYVULNS:DOC:954Mailing List
- https://web.archive.org/web/20030207100935/Not Applicable
- https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclaRelease Notes
- http://www.infopop.com/support/ubbclassic/version5.htmlBroken Link
- https://marc.info/?l=vuln-dev&m=97486849231786&w=2Mailing List
- https://vulners.com/securityvulns/SECURITYVULNS:DOC:954Mailing List
- https://web.archive.org/web/20030207100935/Not Applicable
- https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclaRelease Notes
FAQ
What is CVE-2022-25091?
CVE-2022-25091 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.
How severe is CVE-2022-25091?
CVE-2022-25091 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-25091?
Check the references section above for vendor advisories and patch information. Affected products include: Infopop Ultimate Bulletin Board.