WEB APPLICATION VULNERABILITIES Standard & Premium

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27889)

Description

Cross-site Scripting (XSS) vulnerability in MyBB before 1.8.26 via Nested Auto URL when parsing messages.

Remediation

References

Related Vulnerabilities

WordPress Plugin Cashtomer SQL Injection (1.0.0)

WordPress Plugin Download Manager Arbitrary File Deletion (3.2.50)

WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0500)

MySQL CVE-2021-35632 Vulnerability (CVE-2021-35632)

Severity

Medium

Classification

CVE-2021-27889 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities