4.3
CVSSv2

CVE-2006-0364

Published: 22/01/2006 Updated: 20/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote malicious users to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by "&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116".

Vulnerable Product Search on Vulmon Subscribe to Product

mybulletinboard mybulletinboard 1.0 final

mybulletinboard mybulletinboard 1.0 rc4

mybulletinboard mybulletinboard 1.0 pr2

mybulletinboard mybulletinboard 1.0.1

mybulletinboard mybulletinboard 1.0.2

mybulletinboard mybulletinboard 1.0 rc2

mybulletinboard mybulletinboard 1.0 preview release 2