Description
MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name
Remediation
References
Related Vulnerabilities
WordPress Plugin IMPress for IDX Broker Cross-Site Scripting (3.0.5)
WordPress Plugin WooCommerce Arbitrary File Download (3.4.5)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-1686)
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.3.2)