CVE-2025-65113 | THREATINT

Description

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in the AJAX flagging system allows any unauthenticated user to flag any content (users, videos, photos, collections) on the platform. This can lead to mass flagging attacks, content disruption, and moderation system abuse. This issue has been patched in version 5.5.2 - #164.

PUBLISHED Reserved 2025-11-17 | Published 2025-11-29 | Updated 2025-12-01 | Assigner GitHub_M

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Problem types

CWE-770: Allocation of Resources Without Limits or Throttling

Product status

< 5.5.2 - #164

affected

References

github.com/...ket-v5/security/advisories/GHSA-9f8v-vph8-pq6q exploit

github.com/...ket-v5/security/advisories/GHSA-9f8v-vph8-pq6q

github.com/...ommit/a83b807e592f85d98f1f156bd3cbb1ffcc230233

cve.org (CVE-2025-65113)

nvd.nist.gov (CVE-2025-65113)

Download JSON