Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) prior to 1.6.18 and 1.8.x prior to 1.8.6 and MyBB Merge System prior to 1.8.6 might allow remote malicious users to inject arbitrary web script or HTML via vectors related to "old upgrade files."
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mybb merge system 1.8.5 |
||
mybb mybb 1.8.5 |
||
mybb mybb 1.8.4 |
||
mybb mybb 1.8.3 |
||
mybb mybb 1.8.2 |
||
mybb mybb 1.8.0 |
||
mybb mybb 1.8.1 |
||
mybb mybb |
Vulmon