2 matches found
CVE-2023-46251
Summary: CVE-2023-46251 is a DOM-based XSS vulnerability in MyBB’s visual editor (SCEditor) caused by improper escaping of input in custom MyCode. This can be triggered when a victim loads a page with a pre-filled or crafted MyCode message (e.g., posts or private messages). The issue can affect p...
CVE-2023-46251 Visual editor persistent Cross-site Scripting (XSS) in MyBB
MyBB is a free and open source forum software. Custom MyCode BBCode for the visual editor SCEditor doesn't escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability. This weakness can be exploited by pointing a victim to a page where the visual editor is active e.g. as...