pybbs <=6.0.0 CAPTCHA reuse Vulnerability정보

제목	atjiu https://github.com/atjiu/pybbs <=6.0.0 CAPTCHA reuse Vulnerability
설명	In the latest v6.0.0 version, the verification codes at the frontend login and registration functions do not automatically refresh, making them reusable. At the registration function, already registered usernames will display "Username already exists," which allows for username brute-forcing. After obtaining the username, one can proceed to the login function to continue brute-forcing the corresponding password.
원천	⚠️ https://github.com/atjiu/pybbs/issues/199
사용자	ZAST.AI (UID 87884)
제출	2025. 07. 25. AM 03:29 (11 개월 ago)
모더레이션	2025. 08. 04. PM 03:05 (10 days later)
상태	수락
VulDB 항목	318675 [atjiu pybbs 까지 6.0.0 Verification Code adminlogin/login 정보 공개]
포인트들	20

Might our Artificial Intelligence support you?

Check our Alexa App!