The installer in MyBB before 1.8.13 has XSS.
References
Link | Resource |
---|---|
https://blog.mybb.com/2017/11/07/mybb-1-8-13-released-security-maintenance-release/ | Release Notes Vendor Advisory |
https://www.exploit-db.com/exploits/43137/ | Exploit Third Party Advisory VDB Entry |
https://blog.mybb.com/2017/11/07/mybb-1-8-13-released-security-maintenance-release/ | Release Notes Vendor Advisory |
https://www.exploit-db.com/exploits/43137/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.mybb.com/2017/11/07/mybb-1-8-13-released-security-maintenance-release/ - Release Notes, Vendor Advisory | |
References | () https://www.exploit-db.com/exploits/43137/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2017-11-10 23:29
Updated : 2024-11-21 03:16
NVD link : CVE-2017-16781
Mitre link : CVE-2017-16781
CVE.ORG link : CVE-2017-16781
JSON object : View
Products Affected
mybb
- mybb
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')