CVE-2020-8088

2020-01-2720:00:19

mitre

www.cve.org

AI Score

9.7

Confidence

High

EPSS

0.007

Percentile

79.7%

JSON

panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

References

xavibel.com/2020/01/22/usebb-forum-php-type-juggling-vulnerability/