First published: Mon Mar 15 2021(Updated: )
SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | <1.8.26 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-27890.
The severity of CVE-2021-27890 is high with a CVSS score of 8.8.
The SQL Injection vulnerability in MyBB before 1.8.26 occurs via theme properties included in theme XML files.
MyBB versions before 1.8.26 are affected by this vulnerability.
To fix the SQL Injection vulnerability in MyBB, upgrade to version 1.8.26 or later.