2 matches found
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
MyBB Visual Editor 1.8.18 - Cross-Site Scripting Title: MyBB Visual Editor 1.8.18 - Cross-Site Scripting Author: Numan OZDEMIR Vendor Homepage: mybb.com Software Link: https://mybb.com/download/ Version: Up to v1.8.18. Fixed in v1.8.19. PoC Video: https://numanozdemir.com/mybb/xss.mp4 CVE:...
CVE-2018-17128
Summary: CVE-2018-17128 affects MyBB’s Visual Editor (pre-1.8.19). The issue is a persistent XSS introduced through the Video MyCode in posts, enabling attacker-controlled JavaScript execution in a victim’s browser when replying to a thread. The vulnerability is tied to the Video or videotype han...