Description
MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2787 Vulnerability (CVE-2018-2787)
WordPress Plugin Microblog Poster SQL Injection (1.6.1)
MongoDb Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-20326)
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.9)
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)