Description

MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visual MyCode editor (SCEditor) allows remote attackers to inject HTML via user input or stored data

Remediation

References

CVE-2022-43707

Related Vulnerabilities

Oracle JRE CVE-2017-10281 Vulnerability (CVE-2017-10281)

WordPress Plugin Wow Viral Signups SQL Injection (2.1)

Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.9)

WordPress Plugin RAYS Grid Cross-Site Request Forgery (1.2.2)

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9046)

Severity

Medium

Classification

CVE-2022-43707 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities