CVE-2025-23749
CVE-2025-23749 describes a CSRF flaw in the mybb Last Topics component which permits stored XSS. Publicly disclosed details indicate the affected item is the mybb Last Topics feature (noted as 1.0 and earlier), with a CVSS v3.1 base score of 7.1 (High) and an attack vector of Network, but requiri...