CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-60859

Cross Site Scripting (XSS) vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted c_id parameter in bbs/view_comment.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://creeperkirby.notion.site/Gnboard5-5-6-15-reflected-XSS-25c4fe7db8cf80efa20fc2ebefcfe61e?source=copy_link
https://github.com/gnuboard/gnuboard5/commit/002e43e5fb84b465357b445772c881e196e100d3

Products affected by CVE-2025-60859

Sir » Gnuboard » Version: 5.6.15

cpe:2.3:a:sir:gnuboard:5.6.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-60859

Products

Pricing

Contact Us