Cross-site scripting (XSS) vulnerability in MyBB prior to 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile_fields module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mybb mybb |