Description

A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.

Remediation

References

CVE-2018-17128

Related Vulnerabilities

WordPress Plugin RSS Post Importer Cross-Site Scripting (2.2.1)

EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38844)

osTicket Session Fixation Vulnerability (CVE-2022-31888)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.22)

WordPress Plugin ZWM Zeumic Work Management Multiple Unspecified Vulnerabilities (1.0.11)

Severity

Medium

Classification

CVE-2018-17128 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities