OpenCVE

Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Infopop	Ultimate Bulletin Board

Configuration 1 [-]

cpe:2.3:a:infopop:ultimate_bulletin_board:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.infopop.com/support/ubbclassic/version5.html
https://marc.info/?l=vuln-dev&m=97486849231786&w=2
https://vulners.com/securityvulns/SECURITYVULNS:DOC:954
https://web.archive.org/web/20030207100935/
https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-04-27T00:00:00

Updated: 2024-08-03T04:29:01.685Z

Reserved: 2022-02-14T00:00:00

Link: CVE-2022-25091

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-04-27T21:15:10.343

Modified: 2024-11-21T06:51:38.407

Link: CVE-2022-25091

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:*:*:*:*:*:*:*:*", "matchCriteriaId": "D03092C2-9DE5-4093-A5B0-7D84D703C355", "versionEndIncluding": "5.47a", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature."}], "id": "CVE-2022-25091", "lastModified": "2024-11-21T06:51:38.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-27T21:15:10.343", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.infopop.com/support/ubbclassic/version5.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://marc.info/?l=vuln-dev&m=97486849231786&w=2"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:954"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://web.archive.org/web/20030207100935/"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.infopop.com/support/ubbclassic/version5.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://marc.info/?l=vuln-dev&m=97486849231786&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:954"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://web.archive.org/web/20030207100935/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}