Submit #622180: atjiu https://github.com/atjiu/pybbs <=6.0.0 Registration email is not verifiedinfo

Titleatjiu https://github.com/atjiu/pybbs <=6.0.0 Registration email is not verified
DescriptionIn the latest v6.0.0 version, there is a logic vulnerability in the registration function. Users can use the corresponding features without immediate email verification during registration. Email verification is only required later when uploading an avatar. This allows attackers to impersonate various email owners without restriction and register accounts in bulk
Source⚠️ https://github.com/atjiu/pybbs/issues/200
User
 ZAST.AI (UID 87884)
Submission07/25/2025 03:30 (11 months ago)
Moderation08/04/2025 15:05 (10 days later)
StatusAccepted
VulDB entry318676 [atjiu pybbs up to 6.0.0 Email Verification improper authorization]
Points18

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!