Description

Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the content of a post.

Remediation

References

CVE-2015-4552

Related Vulnerabilities

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35152)

WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Security Bypass (1.0.27)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5546)

WordPress Plugin Sidekick Multiple Unspecified Vulnerabilities (2.2.1)

WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.3)

Severity

Medium

Classification

CVE-2015-4552 CWE-707

Tags

Missing Update Known Vulnerabilities