CVE-2025-65113
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-65113
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-65113.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-65113
- Aliases
-
- GHSA-9f8v-vph8-pq6q
- Published
- 2025-11-29T00:34:04.596Z
- Modified
- 2025-12-05T10:10:50.756190Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
- Summary
- ClipBucket v5 Unauthenticated Object Flagging Vulnerability
- Details
-
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in the AJAX flagging system allows any unauthenticated user to flag any content (users, videos, photos, collections) on the platform. This can lead to mass flagging attacks, content disruption, and moderation system abuse. This issue has been patched in version 5.5.2 - #164.
- Database specific
{ "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/65xxx/CVE-2025-65113.json", "cwe_ids": [ "CWE-770" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/65xxx/CVE-2025-65113.json
- https://github.com/MacWarrior/clipbucket-v5/commit/a83b807e592f85d98f1f156bd3cbb1ffcc230233
- https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-9f8v-vph8-pq6q
- https://nvd.nist.gov/vuln/detail/CVE-2025-65113
Affected packages
Git / github.com/macwarrior/clipbucket-v5
Affected ranges
- Type
- GIT
- Repo
- https://github.com/macwarrior/clipbucket-v5
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
5.*
5.3
5.3.1
5.4.0
5.4.1
5.5.0
5.5.1
5.5.2-#103
5.5.2-#106
5.5.2-#114
5.5.2-#117
5.5.2-#120
5.5.2-#123
5.5.2-#129
5.5.2-#133
5.5.2-#135
5.5.2-#138
5.5.2-#140
5.5.2-#147
5.5.2-#152
5.5.2-#162
5.5.2-#163
5.5.2-#25
5.5.2-#38
5.5.2-#4
5.5.2-#45
5.5.2-#58
5.5.2-#69
5.5.2-#74
5.5.2-#82
5.5.2-#86
5.5.2-#90
5.5.2-#98