Description
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Mobile Domain Multiple Vulnerabilities (1.5.2)
Resin Application Server Other Vulnerability (CVE-2012-2967)
Oracle JRE CVE-2013-5800 Vulnerability (CVE-2013-5800)
WordPress Plugin Geo Mashup Unspecified Vulnerability (1.10.3)
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.20.2)