2 matches found
CVE-2018-11502
The CVE-2018-11502 issue affects the MyBB Moderator Log Notes plugin (version 1.1) for MyBB. The vulnerability is a CSRF flaw that lets an attacker remotely delete all moderator notes and moderator-note logs stored in modCP and ACP. Root cause is cross-site request forgery in the plugin’s note ma...
CVE-2018-11430
The CVE-2018-11430 entry involves the MyBB Moderator Log Notes plugin (version 1.1) for MyBB. A cross-site scripting (XSS) vulnerability exists in the mod notes textarea used by moderators in the Moderator Control Panel, allowing arbitrary script injection when notes are saved/displayed. Connecte...