CVE-2005-3776

Properties

Published:
21.11.2005
Updated:
23.11.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
    Product:
    MyBulletinBoard: MyBulletinBoard

    Vulnerability description

    Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow remote attackers to inject arbitrary web script or HTML via (1) the subject field when creating a new thread and (2) information passed to the Reputation system.

    References:

    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=113198945111329&w=2
    SECUNIA: http://secunia.com/advisories/17577/
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=113198945111329&w=2