First published: Sun Mar 19 2006(Updated: )
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybulletinboard Mybulletinboard | =1.0_final | |
Mybulletinboard Mybulletinboard | =rc3 | |
Mybulletinboard Mybulletinboard | =rc2 | |
Mybulletinboard Mybulletinboard | =rc1 | |
Mybulletinboard Mybulletinboard | =1.0.3 | |
Mybulletinboard Mybulletinboard | =rc4 | |
Mybulletinboard Mybulletinboard | =1.0_pr2 | |
Mybulletinboard Mybulletinboard | =1.0.1 | |
Mybulletinboard Mybulletinboard | =1.0.4 | |
Mybulletinboard Mybulletinboard | =1.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.