Description
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs.
Remediation
References
Related Vulnerabilities
WordPress Plugin Smooth Slider SQL Injection (2.8.6)
PHP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-3823)
Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
WordPress Plugin FireStats Arbitrary File Download (1.6.5)
WordPress Plugin Pixabay Images Multiple Vulnerabilities (2.3)