MyBB Recent Threads plugin cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Recent Threads plugin is used in which a plugin for displaying recent and unread messages. A cross-site scripting vulnerability exists in versions of the MyBB Recent Threads plugin prior...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting

Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-11715 1. Description: Creates a page...

CVE-2018-11715

The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...

CVE-2018-11715

The CVE-2018-11715 entry corresponds to a cross-site scripting vulnerability in the MyBB Recent Threads plugin (pre-1.1). Affected component: MyBB Recent Threads plugin for MyBB; root cause: insufficient validation of user-submitted input in thread subjects, leading to XSS. Impact details in sour...