Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-p7j3-m97j-2qqg

Опубликовано: 23 дек. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 5.1
CVSS3: 6.4

Описание

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when adding new forums through the 'Forums and Posts' > 'Forum Management' interface, causing arbitrary JavaScript to execute when the forum listing is viewed.

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when adding new forums through the 'Forums and Posts' > 'Forum Management' interface, causing arbitrary JavaScript to execute when the forum listing is viewed.

Ссылки

EPSS

Процентиль: 8%
0.00029
Низкий

5.1 Medium

CVSS4

6.4 Medium

CVSS3

CVE ID

CVE-2023-53977

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2023-53977

CVSS3: 5.4
nvd
около 2 месяцев назад

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when adding new forums through the 'Forums and Posts' > 'Forum Management' interface, causing arbitrary JavaScript to execute when the forum listing is viewed.

EPSS

Процентиль: 8%
0.00029
Низкий

5.1 Medium

CVSS4

6.4 Medium

CVSS3

CVE ID

CVE-2023-53977

Дефекты

CWE-79