pybbs <=6.0.0 Reflected XSSinformazioni

Titolo	atjiu https://github.com/atjiu/pybbs <=6.0.0 Reflected XSS
Descrizione	In the latest v6.0.0 version, the endpoint /admin/topic/list does not encode user-controllable parameters when outputting them on the current page, resulting in Reflected XSS. This allows attackers to launch XSS attacks against administrator users.
Fonte	⚠️ https://github.com/atjiu/pybbs/issues/203
Utente	ZAST.AI (UID 87884)
Sottomissione	25/07/2025 03:44 (11 mesi fa)
Moderazione	04/08/2025 15:05 (10 days later)
Stato	Accettato
Voce VulDB	318679 [atjiu pybbs fino a 6.0.0 /admin/topic/list Nome utente cross site scripting]
Punti	16

Do you want to use VulDB in your project?

Use the official API to access entries easily!