admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2025/CVE-2025-7786.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

30 lines
2.2 KiB
Markdown
Raw Blame History

### [CVE-2025-7786](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7786)
![](https://img.shields.io/static/v1?label=Product&message=g6&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.10%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Code%20Injection&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Scripting&color=brightgreen)
### Description
A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Post Reply Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Eine Schwachstelle wurde in Gnuboard g6 bis 6.0.10 entdeckt. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /bbs/scrap_popin_update/qa/ der Komponente Post Reply Handler. Durch die Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
### POC
#### Reference
- https://github.com/gnuboard/g6/issues/645
#### Github
- https://github.com/zast-ai/vulnerability-reports
Reference in New Issue View Git Blame Copy Permalink