Skip to main content

Latest Posts On Profile

1 CVEs product

Monthly

CVE-2018-10580 MEDIUM POC This Month

The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Latest Posts On Profile
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%
EPSS 2% CVSS 5.4
MEDIUM POC This Month

The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Latest Posts On Profile
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy