Description
Cross-site scripting (XSS) vulnerability in private.php in MyBB (aka MyBulletinBoard) allows remote authenticated users to inject arbitrary web script or HTML via the Subject field, a different vector than CVE-2006-2949.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6547 Vulnerability (CVE-2014-6547)
WordPress Plugin Portrait-Archiv.com Photostore Cross-Site Scripting (3.1)
WordPress Plugin Jssor Slider Arbitrary File Upload (1.3)
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
WordPress Plugin Titan Framework Cross-Site Scripting (1.7.5)