Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username.
References 4 Total
- secunia.com: 19516 third-party-advisory
- securityfocus.com: 17427 vdb-entry
- securityfocus.com: 20060409 MyBB 1.10 'newthread.php' < CrossSiteScripting > mailing-list
- exchange.xforce.ibmcloud.com: mybb-newthread-xss(25730) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- secunia.com: 19516 third-party-advisoryx_transferred
- securityfocus.com: 17427 vdb-entryx_transferred
- securityfocus.com: 20060409 MyBB 1.10 'newthread.php' < CrossSiteScripting > mailing-listx_transferred
- exchange.xforce.ibmcloud.com: mybb-newthread-xss(25730) vdb-entryx_transferred