4 matches found
MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting
Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Date: 1/30/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin...
MyBB OUGC Feedback 1.8.22 Cross Site Scripting
Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Date: 1/30/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin...
CVE-2021-28115
creationtimestamp| type| source ---|---|--- 2021-03-10 00:51:55+00:00| seen| https://t.me/cibsecurity/24664 2024-11-14 06:08:11+00:00| seen| MISP/a9946c4d-7399-4b6e-a7d1-16d7b195732b...
CVE-2021-28115
The CVE-2021-28115 entry concerns the OUGC Feedback plugin for MyBB (prior to version 1.8.23). The vulnerability is an XSS flaw in the comment field during an edit operation, allowing script injection. Affected software is the OUGC Feedback plugin for MyBB; the root cause is input handling in the...