Description

MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visual MyCode editor (SCEditor) allows remote attackers to inject HTML via user input or stored data

Remediation

References

CVE-2022-43707

Related Vulnerabilities

WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)

WordPress Plugin AMP extensions Cross-Site Scripting (1.1)

WordPress Plugin WPGateway Privilege Escalation (3.5)

Apache HTTP Server DEPRECATED: Code Vulnerability (CVE-2015-3183)

Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813)

Severity

Medium

Classification

CVE-2022-43707 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities