Lucene search
GoogleOSV:BIT-MYBB-2023-45556HistoryMar 06, 2024 - 10:56 a.m.
BIT-mybb-2023-45556
2024-03-0610:56:58
Google
osv.dev
6
cross site scripting
mybb forums
arbitrary code execution
theme management
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
7
Confidence
High
EPSS
0
Percentile
13.1%
Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.
Related
prion
prion
Cross site scripting
2023-11-06 22:15:00
nvd
nvd
CVE-2023-45556
2023-11-06 22:15:07
cvelist
cvelist
CVE-2023-45556
2023-11-06 00:00:00
cve
cve
CVE-2023-45556
2023-11-06 22:15:07
vulnrichment
vulnrichment
CVE-2023-45556
2023-11-06 00:00:00
openvas
openvas
MyBB < 1.8.37 Multiple XSS Vulnerabilities
2023-11-10 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
7
Confidence
High
EPSS
0
Percentile
13.1%
Related for OSV:BIT-MYBB-2023-45556