oss-sec mailing list archives

Re: CVE request: mybb < 1.2.14

From: "Steven M. Christey" <coley () linus mitre org>
Date: Sun, 27 Jul 2008 18:28:46 -0400 (EDT)


======================================================
Name: CVE-2008-3334
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3334
Reference: CONFIRM:http://community.mybboard.net/thread-33865.html

Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14
allows remote attackers to inject arbitrary web script or HTML via
unspecified vectors.

Current thread:

CVE request: mybb < 1.2.14 Hanno Böck (Jul 20)
- Re: CVE request: mybb < 1.2.14 Steven M. Christey (Jul 27)