Vulnerability Description
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named ecaf8d46944fd03e3c4ea05698f8acf0aaa570cf. It is recommended to apply a patch to fix this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pybbs Project | Pybbs | <= 6.0.0 |
Related Weaknesses (CWE)
References
- https://github.com/atjiu/pybbs/commit/ecaf8d46944fd03e3c4ea05698f8acf0aaa570cfPatch
- https://github.com/atjiu/pybbs/issues/199ExploitIssue Tracking
- https://github.com/atjiu/pybbs/issues/199#issue-3256276118ExploitIssue Tracking
- https://github.com/atjiu/pybbs/issues/199#issuecomment-3134573731Issue Tracking
- https://vuldb.com/?ctiid.318675Permissions RequiredVDB Entry
- https://vuldb.com/?id.318675Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.622179Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-8546?
CVE-2025-8546 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation lead...
How severe is CVE-2025-8546?
CVE-2025-8546 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8546?
Check the references section above for vendor advisories and patch information. Affected products include: Pybbs Project Pybbs.