First published: Mon Nov 06 2023(Updated: )
Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | <1.8.37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-45556 is a Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 that allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.
CVE-2023-45556 has a severity level of medium with a CVSS score of 5.4.
CVE-2023-45556 allows a local attacker to execute arbitrary code in Mybb Mybb Forums v.1.8.33 through the theme Name parameter in the theme management component.
CVE-2023-45556 affects Mybb Mybb Forums versions 1.8.33 up to but excluding 1.8.37.
Yes, the Mybb Mybb Forums developers have released a fix for CVE-2023-45556. It is recommended to update to version 1.8.37 or above to mitigate the vulnerability.