FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mybb -- vulnerabilities

Affected packages
mybb < 1.8.19

Details

VuXML ID ab38d9f8-b787-11e8-8e7a-00e04c1ea73d
Discovery 2018-09-11
Entry 2018-09-13

mybb Team reports:

High risk: Email field SQL Injection.

Medium risk: Video MyCode Persistent XSS in Visual Editor.

Low risk: Insufficient permission check in User CP’s attachment management.

Low risk: Insufficient email address verification.

References

URL https://blog.mybb.com/2018/09/11/mybb-1-8-19-released-security-maintenance-release/