admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-23 13:00:35 +00:00
parent 1eb7438b66
commit 358fcd12d6
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2025/29xxx/CVE-2025-29457.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function."
"value": "** DISPUTED ** An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation."
}
]
},
@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://www.yuque.com/morysummer/vx41bz/vro4dvxzuiwlg6uv",
"url": "https://www.yuque.com/morysummer/vx41bz/vro4dvxzuiwlg6uv"
},
{
"refsource": "MISC",
"name": "https://docs.mybb.com/1.8/administration/security/protection/#limit-access-to-private-hosts-and-ip-addresses",
"url": "https://docs.mybb.com/1.8/administration/security/protection/#limit-access-to-private-hosts-and-ip-addresses"
}
]
}