Description
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-Ban Cross-Site Scripting (1.69)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1135)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419)