Description

MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives."

Remediation

References

CVE-2016-9420

Related Vulnerabilities

WordPress Plugin BSDev.at-Importer:Serendipity Cross-Site Scripting (0.0.1)

WordPress Plugin Testimonial Slider Cross-Site Scripting (1.2.1)

WordPress Plugin Uploader Cross-Site Scripting and Arbitrary File Upload Vulnerabilities (1.0.4)

Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4752)

Severity

Critical

Classification

CVE-2016-9420 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities