Description
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via vectors related to "old upgrade files."
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21330 Vulnerability (CVE-2022-21330)
MySQL CVE-2014-6496 Vulnerability (CVE-2014-6496)
Internet Information Services Other Vulnerability (CVE-1999-0739)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (4.9.2)