Mybb Merge System 1.8.6 HTML script Cross Site Scripting Vulnerability
11 Aug. 2017
Summary
Mybb Merge System is prone to a cross-site scripting vulnerability.This allows remote attackers to inject arbitrary web script or HTML via vulnerable vectors.A remote attacker can use cross-site scripting(XSS) to send a hostile script to an unsuspicious user
Vulnerable Systems:
* Mybb Merge System 1.8.6
* Mybb 1.8.6
Cross-site scripting (XSS) vulnerability in the Mod control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving editing users.