First published: Mon Mar 15 2021(Updated: )
Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | <1.8.26 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-27949 is a Cross-site Scripting vulnerability in MyBB before version 1.8.26 via Custom moderator tools.
The Cross-site Scripting vulnerability in MyBB allows an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access or manipulation of user data.
The vulnerability affects MyBB versions before 1.8.26.
The severity of CVE-2021-27949 is medium, with a CVSS score of 6.1.
To fix the vulnerability, it is recommended to update MyBB to version 1.8.26 or later, which includes a patch to mitigate the Cross-site Scripting vulnerability.