Back to search
CVE-2008-3966
Published: Sep 10, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20080909 CVE request: mybb < 1.4.1
mailing-list
x_refsource_MLIST
31760
third-party-advisory
x_refsource_SECUNIA
http://community.mybboard.net/showthread.php?tid=36022
x_refsource_CONFIRM
31104
vdb-entry
x_refsource_BID
http://community.mybboard.net/attachment.php?aid=10579
x_refsource_CONFIRM
[oss-security] 20080909 Re: CVE request: mybb < 1.4.1
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now