2 matches found
MyBB 1.8.10 Server-Side Request Forgery
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Server Side Request Forgery SSRF Vulnerability product: MyBB vulnerable version: 1.8.10 fixed version: 1.8.11 CVE number: CVE-2017-7566 impact: Medium homepage:...
CVE-2017-7566
CVE-2017-7566 affects MyBB up to version 1.8.11, where a server-side request forgery (SSRF) vulnerability allows remote attackers to bypass an SSRF protection mechanism. The root cause is a flaw in how MyBB handles certain server-side requests, enabling bypass of protective checks. The public ref...