Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote malicious users to inject arbitrary web script or HTML via the username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mybulletinboard mybulletinboard 1.10 |