Description
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) editpost.php, (2) member.php, and (3) newreply.php.
Remediation
References
Related Vulnerabilities
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-10733)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4592)
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
Sqlite Incorrect Conversion between Numeric Types Vulnerability (CVE-2019-19317)
WordPress Plugin Human Presence Cross-Site Scripting (2.0.8)