2 matches found
CVE-2018-19201
A reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the 'username' parameter...
CVE-2018-19201
CVE-2018-19201: A reflected XSS in MyBB’s ModCP Profile Editor affects versions before 1.8.20. An attacker can inject JavaScript via the username parameter (remote, network-based). Impact is client-side script execution as described; mitigation is to upgrade to MyBB 1.8.20 (security maintenance r...