← volver
CVE-2018-25116

MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
jamiesage123 · MyBB Thread Redirect Plugin

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/jamiesage123/Thread-Redirecthttps://www.exploit-db.com/exploits/49505https://www.vulncheck.com/advisories/mybb-thread-redirect-plugin-cross-site-scripting