4 matches found
CVE-2020-19048
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management=add'...
MyBB <= 1.8.20 Multiple XSS Vulnerabilities
MyBB is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...
CVE-2020-19048
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
CVE-2020-19048
CVE-2020-19048 : MyBB 1.8.20 is vulnerable to a Cross Site Scripting (XSS) flaw in the Add New Forum feature. An authenticated attacker can inject arbitrary script/HTML via the Title field when making a POST to /Upload/admin/index.php?module=forum-management&action=add, potentially affecting the ...