CVE-2013-7275

Cross-site scripting XSS vulnerability in misc.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup...