Description
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) editpost.php, (2) member.php, and (3) newreply.php.
Remediation
References
Related Vulnerabilities
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5478)
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068)
PHP Other Vulnerability (CVE-2015-0231)
WordPress Plugin Integration for WooCommerce and QuickBooks Cross-Site Scripting (1.1.8)
WordPress Plugin Official MailerLite Sign Up Forms Cross-Site Request Forgery (1.4.4)