The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile.
CPE | Name | Operator | Version |
---|---|---|---|
ougc-awards | eq | 1.1 | |
ougc-awards | eq | 1.8.3r2 | |
ougc-awards | eq | 1.8.0 | |
ougc-awards | eq | 1.8.3 |