First published: Sat Feb 18 2006(Updated: )
Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybulletinboard Mybulletinboard | =1.0_final | |
Mybulletinboard Mybulletinboard | =1.0_rc4 | |
Mybulletinboard Mybulletinboard | =1.0.3 | |
Mybulletinboard Mybulletinboard | =1.0_pr2 | |
Mybulletinboard Mybulletinboard | =1.0.1 | |
Mybulletinboard Mybulletinboard | =1.0.4 | |
Mybulletinboard Mybulletinboard | =1.0.2 | |
Mybulletinboard Mybulletinboard | =1.0_rc2 | |
Mybulletinboard Mybulletinboard | =1.0_preview_release_2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.