RSS   Vulnerabilities for 'Ban list'   RSS

2019-03-21
 
CVE-2018-14724

CWE-79
 

 
In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.

 

 >>> Vendor: MYBB 8 Products
MYBB
Devbb
Mybb hot editor plugin
Ajax forum stat
Merge system
New threads
Ban list
Trash bin


Copyright 2024, cxsecurity.com

 

Back to Top