4 matches found
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
CVE-2022-28354
CVE-2022-28354 affects the MyBB Active Threads Plugin 1.3.0 and its activethreads.php date parameter, which is vulnerable to cross-site scripting (XSS) when setting a time period. The vulnerability details indicate an XSS flaw in the parameter handling, with CVSSv3.1 base score 6.1 (MEDIUM): Netw...
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
MyBB Active Threads 1.3.0 Cross Site Scripting
Exploit Title: MyBB Active Threads Plugin 1.3.0 – Cross-Site Scripting Date: February 9, 2022 Author: 0xB9 Twitter: @0xB9sec Software Link: https://community.mybb.com/mods.php?action=view&pid=1336 Version: 1.3.0 Tested On: Windows 10 CVE: CVE-2022-28354 Description: This plugin shows a page of...