Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2019-12830

Published: 15/06/2019 Updated: 20/06/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 8.7 | Impact Score: 5.8 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Mybb

Vulnerability Summary

In MyBB prior to 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mybb mybb

References

CWE-79https://blog.ripstech.com/2019/mybb-stored-xss-to-rce/https://blog.mybb.com/2019/06/10/mybb-1-8-21-released-security-maintenance-release/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook