CVE-2025-63807

Published: Nov 20, 2025

Modified: Nov 21, 2025

PUBLISHED

Description

An issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit 9e06bab430bfc729f27b4284ba7570db3b11ce84 (2025-01-13). A weak verification code generation mechanism combined with missing rate limiting allows attackers to perform brute-force attacks on verification codes without authentication. Successful exploitation may result in account takeover via password reset or other authentication bypass methods.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/Rycarl-Furry/3e93c6f0d48a29518adf341e0fc7e2dd

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-63807

Description

Affected Products

References