Description

Cross-site scripting (XSS) vulnerability in member validation in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2016-9405

Related Vulnerabilities

WordPress Plugin AppPresser-Mobile App Framework Cross-Site Scripting (1.1.4)

WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.9)

XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12139)

WebLogic CVE-2021-2211 Vulnerability (CVE-2021-2211)

MediaWiki CVE-2019-12472 Vulnerability (CVE-2019-12472)

Severity

Medium

Classification

CVE-2016-9405 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities