CVE-2008-3069

Mybb < 1.2.12 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in MyBB before 1.2.13 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) portal.php and (2) inc/functions_post.php.

References (3)

[Various Sources] http://community.mybboard.net/attachment.php?aid=9272

[Various Sources] http://community.mybboard.net/showthread.php?tid=31666

[Third Party Advisory] http://secunia.com/advisories/31013

Scores

EPSS 0.0025

EPSS Percentile 48.5%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

mybb/mybb < 1.2.12

Timeline

Published Jul 08, 2008

Tracked Since Feb 18, 2026