Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBoard) allows remote attackers to inject arbitrary web script or HTML via the navbits[][name] parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mybulletinboard | Mybulletinboard | 1.0.1 (including) | 1.0.1 (including) |
Mybulletinboard | Mybulletinboard | 1.0.2 (including) | 1.0.2 (including) |
Mybulletinboard | Mybulletinboard | 1.0.3 (including) | 1.0.3 (including) |
Mybulletinboard | Mybulletinboard | 1.0.4 (including) | 1.0.4 (including) |
Mybulletinboard | Mybulletinboard | 1.0_final (including) | 1.0_final (including) |
Mybulletinboard | Mybulletinboard | 1.0_preview_release_2 (including) | 1.0_preview_release_2 (including) |
Mybulletinboard | Mybulletinboard | 1.0_rc2 (including) | 1.0_rc2 (including) |
Mybulletinboard | Mybulletinboard | 1.1 (including) | 1.1 (including) |
Mybulletinboard | Mybulletinboard | 1.1.1 (including) | 1.1.1 (including) |
Mybulletinboard | Mybulletinboard | 1.1.2 (including) | 1.1.2 (including) |
Mybulletinboard | Mybulletinboard | 1.1.3 (including) | 1.1.3 (including) |
Mybulletinboard | Mybulletinboard | 1.1.4 (including) | 1.1.4 (including) |
Mybulletinboard | Mybulletinboard | 1.1.5 (including) | 1.1.5 (including) |
Mybulletinboard | Mybulletinboard | 1.1.7 (including) | 1.1.7 (including) |
Mybulletinboard | Mybulletinboard | 1.10 (including) | 1.10 (including) |
Mybulletinboard | Mybulletinboard | 1.14 (including) | 1.14 (including) |
Mybulletinboard | Mybulletinboard | 1.20 (including) | 1.20 (including) |