First published: Mon Sep 17 2018(Updated: )
A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | <1.8.19 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2018-17128.
The title of this vulnerability is 'Persistent XSS issue in MyBB Visual Editor via Video MyCode'.
The severity of CVE-2018-17128 is medium with a CVSS score of 5.4.
This vulnerability can be exploited by injecting malicious code through the Video MyCode in the Visual Editor of MyBB.
To fix this vulnerability, update MyBB to version 1.8.19 or above, as it has been fixed in this release.