CVE-2014-5248

Mybb < 1.6.14 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode.

References (2)

[Patch, Vendor Advisory] http://blog.mybb.com/2014/08/04/mybb-1-6-15-released-security-maintenance-release

[Third Party Advisory] http://secunia.com/advisories/59707

Scores

EPSS 0.0026

EPSS Percentile 49.5%

Details

CWE

CWE-79

Status published

Products (16)

mybb/mybb < 1.6.14

mybb/mybb

... and 6 more

Published Aug 14, 2014

Tracked Since Feb 18, 2026