Description
Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the content of a post.
Remediation
References
Related Vulnerabilities
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41362)
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17670)
PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.1)