CVE-2026-1213

MEDIUM SEVERITY

Vulnerability Description

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.

Vulnerability Details

Published Date

January 27, 2026

Last Modified

January 28, 2026

CWE ID

CWE-639

Source

NVD

Vendor

pip

Product

askbot

External References

https://askbot.com/
https://fluidattacks.com/advisories/ghost
https://github.com/ASKBOT/askbot-devel/commit/3da3d75f35204aa71633c7a315327ba39cb6295d

CVE-2026-1213

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment