CVE-2018-25248

MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79

In short

The MyBB Downloads Plugin 2.0.3 allows regular users to inject malicious scripts into download titles that execute when administrators view them. This means attackers can steal admin session tokens or perform unauthorized actions through a simple form submission.

Technical detail

A persistent XSS vulnerability exists in downloads.php where user-supplied input in the download title field is not properly sanitized before storage and rendering. An unauthenticated or authenticated user can inject arbitrary HTML/JavaScript that executes in the administrator's browser context during download validation, potentially leading to session hijacking or privilege escalation.

Summary generated and translated by AI from the official description.

MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators validate the download in downloads.php.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Affected products

MyBB · MyBB Downloads Plugin

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/44400unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://community.mybb.com/mods.php?action=view&pid=854 https://www.exploit-db.com/exploits/44400 https://www.vulncheck.com/advisories/mybb-downloads-plugin-persistent-xss-via-downloads-php