CVE-2025-50979 | NodeBB 4.3.0 API Endpoint categories Search sql injection

August 27, 2025 Yanac

A vulnerability labeled as critical has been found in NodeBB 4.3.0. This affects an unknown function of the file /api/v3/search/categories of the component API Endpoint. Executing manipulation of the argument Search can lead to sql injection.

The identification of this vulnerability is CVE-2025-50979. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More