Description

MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visual MyCode editor (SCEditor) allows remote attackers to inject HTML via user input or stored data

Remediation

References

CVE-2022-43707

Related Vulnerabilities

MySQL CVE-2014-2444 Vulnerability (CVE-2014-2444)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18097)

Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3)

WordPress Plugin Grapefile File Sharing 'grapeupload.php' Arbitrary File Upload (1.1)

WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.8.3)

Severity

Medium

Classification

CVE-2022-43707 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities