pybbs <=6.0.0 Reflected XSSinfo

Titel	atjiu https://github.com/atjiu/pybbs <=6.0.0 Reflected XSS
Beschreibung	In the latest v6.0.0 version, the endpoint /search does not encode user-controllable parameters when outputting them on the current page, resulting in Reflected XSS. This allows attackers to launch XSS attacks against administrator users.
Quelle	⚠️ https://github.com/atjiu/pybbs/issues/208
Benutzer	ZAST.AI (UID 87884)
Einreichung	25.07.2025 03:48 (vor 11 Monaten)
Moderieren	04.08.2025 15:05 (10 days later)
Status	Akzeptiert
VulDB Eintrag	318684 [atjiu pybbs bis 6.0.0 /search keyword Cross Site Scripting]
Punkte	16

Do you want to use VulDB in your project?

Use the official API to access entries easily!