← voltar
CVE-2018-25116

MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Produtos afetados
jamiesage123 · MyBB Thread Redirect Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/jamiesage123/Thread-Redirecthttps://www.exploit-db.com/exploits/49505https://www.vulncheck.com/advisories/mybb-thread-redirect-plugin-cross-site-scripting