Description
A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Starfish Review Generation & Marketing for WordPress Security Bypass (2.0.0)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)
Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20100)