Description
MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
Remediation
References
Related Vulnerabilities
e107 Other Vulnerability (CVE-2006-4548)
WordPress Plugin FCChat Widget 'Upload.php' Arbitrary File Upload (2.2.13.1)
WordPress Plugin Connections Business Directory CSV Injection (9.6)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.15)
Django Improper Input Validation Vulnerability (CVE-2011-4139)