2 matches found
CVE-2006-0770
Cross-site scripting XSS vulnerability in calendar.php in MyBulletinBoard MyBB 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the detai...
CVE-2006-0770
CVE-2006-0770 concerns a delivered XSS vulnerability in the MyBB (MyBulletinBoard) package, specifically in calendar.php of version 1.0.4. The issue arises when a URL is not properly sanitized and is returned as a link in the advanced details, allowing remote attackers to inject arbitrary web scr...