Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mybulletinboard | Mybulletinboard | 1.0.1 (including) | 1.0.1 (including) |
| Mybulletinboard | Mybulletinboard | 1.0_pr2 (including) | 1.0_pr2 (including) |
| Mybulletinboard | Mybulletinboard | 1.00_rc1 (including) | 1.00_rc1 (including) |
| Mybulletinboard | Mybulletinboard | 1.00_rc2 (including) | 1.00_rc2 (including) |
| Mybulletinboard | Mybulletinboard | 1.00_rc3 (including) | 1.00_rc3 (including) |
| Mybulletinboard | Mybulletinboard | 1.0_rc4 (including) | 1.0_rc4 (including) |
| Mybulletinboard | Mybulletinboard | 1.00_rc4 (including) | 1.00_rc4 (including) |
| Mybulletinboard | Mybulletinboard | 1.00_rc4_security_patch (including) | 1.00_rc4_security_patch (including) |
| Mybulletinboard | Mybulletinboard | rc1 (including) | rc1 (including) |
| Mybulletinboard | Mybulletinboard | rc2 (including) | rc2 (including) |
| Mybulletinboard | Mybulletinboard | rc3 (including) | rc3 (including) |
| Mybulletinboard | Mybulletinboard | rc4 (including) | rc4 (including) |