Description
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
PostgreSQL Other Vulnerability (CVE-2003-0901)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14882)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1432)
WordPress Plugin Hellodialog Unspecified Vulnerability (1.0.2)