CVE-2022-1252

Published: Apr 11, 2022Modified: Feb 24, 2026

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents

Affected (1)

Products: Sir: Gnuboard

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sir Gnuboard	Up to 5.5.5

Related CWEs

Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

References (4)

https://0g.vc/posts/insecure-cipher-gnuboard5/

Source: security@huntr.dev

ExploitThird Party Advisory

https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb

Source: security@huntr.dev

ExploitThird Party Advisory

https://0g.vc/posts/insecure-cipher-gnuboard5/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.