Vulnerabilities and security researches forpondol-bbs pondol-bbs

Jan 28, 2026

CVE, Research URL: CVE-2025-49336
Home page URL: Security reports for Pondol BBS
Application: Pondol BBS
Date: Jan 22, 2026
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through <= 1.1.8.4.
Affected versions: max 1.1.8.4.
Status: vulnerable