[KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack

addmimistrator@xxxxxxxxx · 7 Apr 2006 08:21:00 -0000



ORIGINAL ADVISORY:
http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html
http://kapda.ir/advisory-305.html
----------
??????-Summary?????-
Software: MyBB
Sowtware?s Web Site: http://www.mybboard.com
Versions: 1.1.0
Class: Remote
Status: Unpatched
Exploit: Private
Solution: Not Available
Discovered by: imei addmimistrator
Risk Level: medume
??????Description?????
There is a security bug in MyBB 1.1.0 software (latest version fully patched) that allows attacker performe a XSS cross site scripting attack.
VISIT ORIGINALS TO MORE DETAILES;)