A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 044f22893bee254dc2bb0d30f614913fab3c22c2. It is recommended to apply a patch to fix this issue.
History

Wed, 03 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Pybbs Project
Pybbs Project pybbs
CPEs cpe:2.3:a:pybbs_project:pybbs:*:*:*:*:*:*:*:*
Vendors & Products Pybbs Project
Pybbs Project pybbs

Tue, 05 Aug 2025 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Atjiu
Atjiu pybbs
Vendors & Products Atjiu
Atjiu pybbs

Tue, 05 Aug 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 05 Aug 2025 05:45:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 044f22893bee254dc2bb0d30f614913fab3c22c2. It is recommended to apply a patch to fix this issue.
Title atjiu pybbs Email Verification improper authorization
Weaknesses CWE-266
CWE-285
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-08-05T16:16:15.788Z

Reserved: 2025-08-04T13:04:44.659Z

Link: CVE-2025-8547

cve-icon Vulnrichment

Updated: 2025-08-05T16:16:12.764Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-05T06:15:27.913

Modified: 2025-09-03T13:42:55.363

Link: CVE-2025-8547

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-05T20:50:23Z