VulnerabilityCVE-2025-71282CVSS 7.5

XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by...

GitHub Advisory Database · GitHub Security4/1/2026, 3:31:40 AM
View Original Source

Summary

XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by open_basedir restrictions. This allows an attacker to obtain information about the server's directory structure.

Metadata

Article ID
#480307
Source
GitHub Advisory Database
Scraped At
4/1/2026, 6:10:23 AM
URL Hash
69554c3fad40ce36…