Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-52q4-558x-f9rv

Опубликовано: 02 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php.

Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php.

Ссылки

EPSS

Процентиль: 64%
0.00475
Низкий

CVE ID

CVE-2008-3966

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2008-3966

nvd
больше 17 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php.

EPSS

Процентиль: 64%
0.00475
Низкий

CVE ID

CVE-2008-3966

Дефекты

CWE-79