FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mybb -- vulnerabilities

Affected packages
mybb < 1.8.21


VuXML ID 13960f55-8d35-11e9-9ba0-4c72b94353b5
Discovery 2019-06-10
Entry 2019-06-12

mybb Team reports:

High risk: Theme import stylesheet name RCE

High risk: Nested video MyCode persistent XSS

Medium risk: Find Orphaned Attachments reflected XSS

Medium risk: Post edit reflected XSS

Medium risk: Private Messaging folders SQL injection

Low risk: Potential phar deserialization through Upload Path