FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mybb -- multiple vulnerabilities

Affected packages
mybb < 1.8.13


VuXML ID 7761288c-d148-11e7-87e5-00e04c1ea73d
Discovery 2017-11-07
Entry 2017-11-24

myBB Team reports:

High risk: Installer RCE on configuration file write

High risk: Language file headers RCE

Medium risk: Installer XSS

Medium risk: Mod CP Edit Profile XSS

Low risk: Insufficient moderator permission check in delayed moderation tools

Low risk: Announcements HTML filter bypass

Low risk: Language Pack Properties XSS.