2 matches found
CVE-2006-4706
The CVE-2006-4706 entry describes a Cross-site Scripting (XSS) flaw in MyBB (MyBulletinBoard) 1.1.7, specifically in inc/functions_post.php. An attacker can inject arbitrary script/HTML through the url BBCode tag that carries a javascript URI using an SGML numeric character reference with an embe...
CVE-2006-4706
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated usin...