Description

Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2015-2332

Related Vulnerabilities

Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889)

WordPress Plugin PHP Event Calendar for WordPress Arbitrary File Upload (1.6)

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-10352)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4297)

WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.7.1)

Severity

Medium

Classification

CVE-2015-2332 CWE-707

Tags

Missing Update Known Vulnerabilities