| Title | atjiu https://github.com/atjiu/pybbs <=6.0.0 No password security policy |
|---|
| Description | In the latest v6.0.0 version, when users register, there is no password security policy. Passwords can be any combination of any length, even a single digit. Users typically use extremely weak passwords, making it easy for attackers to obtain user account passwords through guessing, brute-force attacks, and other methods. |
|---|
| Source | ⚠️ https://github.com/atjiu/pybbs/issues/201 |
|---|
| User | ZAST.AI (UID 87884) |
|---|
| Submission | 07/25/2025 03:34 (11 months ago) |
|---|
| Moderation | 08/04/2025 15:05 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 318678 [atjiu pybbs up to 6.0.0 UserAdminController.java update weak password] |
|---|
| Points | 18 |
|---|