CVE-2021-41866

CVE-2021-41866

EPSS 0.5%

MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/mybb/mybb/security/advisories/https://github.com/mybb/mybb/security/advisories/GHSA-gxhv-r3m5-6qv7