CVE-2021-41866

CVE-2021-41866

EPSS 0.5%

MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/mybb/mybb/security/advisories/https://github.com/mybb/mybb/security/advisories/GHSA-gxhv-r3m5-6qv7