Description

Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode.

Remediation

References

CVE-2014-5248

Related Vulnerabilities

WordPress Plugin AccessPress Social Login Lite-Social Login WordPress includes Backdoor [Only if downloaded via the vendor website] (3.4.7)

WordPress Plugin WP BASE Booking of Appointments, Services and Events PHP Object Injection (3.5.0)

WordPress Plugin Theme Editor Arbitrary File Download (2.5)

SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743)

WordPress Plugin SFBrowser 'sfbrowser.php' Arbitrary File Upload (1.4.5)

Severity

Medium

Classification

CVE-2014-5248 CWE-707

Tags

Missing Update Known Vulnerabilities