MyBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2025-29460 - Vulnerability Database

MyBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2025-29460

High

Reference: CVE-2025-29460

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-29460

Title: MyBB Server-Side Request Forgery (SSRF) Vulnerability

Overview:

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.