CVE-2025-71278— XenForo OAuth2 Unauthorized Scope Request
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-71278
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XenForo OAuth2 Unauthorized Scope Request
Source: NVD (National Vulnerability Database)
Vulnerability Description
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This affects any customer using OAuth2 clients on any version of XenForo 2.3 prior to 2.3.5, potentially allowing client applications to gain access beyond their intended authorization level.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Xenforo 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Xenforo是Xenforo公司的一个论坛软件。 XenForo 2.3.5之前版本存在安全漏洞,该漏洞源于OAuth2客户端应用程序可以请求未经授权的范围,可能导致客户端应用程序获得超出其预期授权级别的访问权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-71278
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-71278
Please Login to view more intelligence information
Same Patch Batch · XenForo · 2026-04-01 · 10 CVEs total
| CVE-2025-71279 | 9.8 CRITICAL | XenForo Passkey Security Bypass |
| CVE-2025-71281 | 8.8 HIGH | XenForo Template Method Call Restriction Bypass |
| CVE-2025-71282 | 7.5 HIGH | XenForo Path Disclosure via open_basedir Exceptions |
| CVE-2026-35056 | 7.2 HIGH | XenForo Remote Code Execution via Authenticated Admin |
| CVE-2026-35054 | 6.4 MEDIUM | XenForo Stored Cross-Site Scripting via BB Code Rendering |
| CVE-2026-35057 | 6.4 MEDIUM | XenForo Stored Cross-Site Scripting via Structured Text Mentions |
| CVE-2024-58342 | 6.3 MEDIUM | XenForo Open Redirect via getDynamicRedirect |
| CVE-2025-71280 | 6.2 MEDIUM | XenForo Local Account Page Caching Information Disclosure |
| CVE-2026-35055 | 6.1 MEDIUM | XenForo Cross-Site Scripting via Lightbox in Posts |
IV. Related Vulnerabilities
Same product: XenForo
- CVE-2026-35057
XenForo Stored Cross-Site Scripting via Structured Text Ment - CVE-2026-35056
XenForo Remote Code Execution via Authenticated Admin - CVE-2026-35055
XenForo Cross-Site Scripting via Lightbox in Posts - CVE-2026-35054
XenForo Stored Cross-Site Scripting via BB Code Rendering - CVE-2025-71282
XenForo Path Disclosure via open_basedir Exceptions
Same vendor: XenForo
- CVE-2026-35057
XenForo Stored Cross-Site Scripting via Structured Text Ment - CVE-2026-35056
XenForo Remote Code Execution via Authenticated Admin - CVE-2026-35055
XenForo Cross-Site Scripting via Lightbox in Posts - CVE-2026-35054
XenForo Stored Cross-Site Scripting via BB Code Rendering - CVE-2025-71282
XenForo Path Disclosure via open_basedir Exceptions
Same weakness: CWE-863
- CVE-2026-42296
Argo Workflows has incomplete fix for CVE-2026-31892: hostNe - CVE-2025-66170
Apache CloudStack: Any user can list backups that they shoul - CVE-2026-41903
FreeScout IDOR Vulnerability: PERM_EDIT_USERS allows modifyi - CVE-2026-41689
Wallos: Shared local webhook allowlist lets low-privilege us - CVE-2026-41660
Admidio: Inverted 2FA Reset Authorization Check Lets Group L
V. Comments for CVE-2025-71278
No comments yet