CVE-2017-7566

HIGH

MyBB < 1.8.11 - Server-Side Request Forgery via Protection Mechanism Bypass

Title source: llm

MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

Exploit, Patch, Third Party Advisory x_refsource_misc

Patch x_refsource_confirm

Patch, Vendor Advisory x_refsource_confirm

CVSS v3 7.7

EPSS 0.0217

EPSS Percentile 80.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-918

Status published

Products (1)

mybb/mybb < 1.8.10

Published Apr 06, 2017

Tracked Since Feb 18, 2026