Description

Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode.

Remediation

References

CVE-2014-5248

Related Vulnerabilities

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.18)

WordPress Plugin WORDPRESS VIDEO GALLERY Open Email Relay (2.8)

WordPress Plugin Mapwiz SQL Injection (1.0.1)

WordPress Plugin CMS Tree Page View Cross-Site Request Forgery (1.2.4)

WordPress Plugin Simple Download Monitor Multiple Cross-Site Scripting Vulnerabilities (3.9.4)

Severity

Medium

Classification

CVE-2014-5248 CWE-707

Tags

Missing Update Known Vulnerabilities