A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NPybbs Project Pybbs
APPPybbs Project6.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
Related vulnerabilities
CVE-2020-28702HIGH7.5ten sam produkt
A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive datab...
CVE-2025-8546MEDIUM5.5ten sam produkt
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the f...
CVE-2025-8547MEDIUM5.5ten sam produkt
A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affec...
CVE-2025-12297LOW2.1ten sam produkt
W oprogramowaniu atjiu pybbs do wersji 6.0.0 wykryto lukę bezpieczeństwa dotyczącą nieznanej funkcji w pliku U...
CVE-2025-8812LOW1.9ten sam produkt
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects an un...