MyBB Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2022-43708 - Vulnerability Database

MyBB

MyBB Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2022-43708

Medium

Reference: CVE-2022-43708

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-43708

Title: MyBB Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name