EIP-2026-109739
PRE-CVEMyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-109739. PoCs published by limb0.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in the 'Profile Skype ID MyBB Plugin' version 1.0. The vulnerability arises from insufficient input sanitization in the `profileskype_update` function, allowing arbitrary JavaScript execution when a malicious Skype ID is injected into a user profile.
Description
MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting
Exploits (1)
This exploit demonstrates a stored XSS vulnerability in the 'Profile Skype ID MyBB Plugin' version 1.0. The vulnerability arises from insufficient input sanitization in the `profileskype_update` function, allowing arbitrary JavaScript execution when a malicious Skype ID is injected into a user profile.