MyBB Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-53976
Reference:
CVE-2023-53976
Title:
MyBB Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templates. Attackers can exploit this vulnerability by inserting script payloads in the template title field when adding new templates through the 39Templates and Style39 gt 39Templates39 gt 39Manage Templates39 gt 39Global Templates39 interface causing arbitrary JavaScript to execute when the template is viewed.