CVE-2018-14724

In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.
References
Link Resource
https://www.exploit-db.com/exploits/46347 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:mybb:ban_list:1.0:*:*:*:*:mybb:*:*

Information

Published : 2019-03-21 04:00

Updated : 2019-03-26 02:57


NVD link : CVE-2018-14724

Mitre link : CVE-2018-14724

Products Affected
No products.
CWE