First published: Thu Feb 08 2018(Updated: )
MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | =1.8.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2018-6844.
The severity of CVE-2018-6844 is medium with a CVSS score of 5.4.
The vulnerability manifests as a cross-site scripting (XSS) vulnerability in the Title or Description field on the Edit Forum screen of MyBB 1.8.14.
The affected software version is MyBB 1.8.14.
Yes, updating MyBB to a version that is not vulnerable to this issue is the recommended fix for CVE-2018-6844.