Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded file with a nonstandard file type that contains HTML sequences, which allows remote attackers to cause that file to be processed as HTML by Internet Explorer's content inspection, aka "Incomplete protection against MIME-sniffing." NOTE: this could be leveraged for XSS and other attacks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyBB 不标准文件类型输入验证漏洞
Vulnerability Description
MyBB是一个免费开源的PHP电子布告栏系统软件包。MyBB (又称MyBulletinBoard) 1.4.2版本没有正确的处理一个带有不标准的文件类型(包含HTML序列)的上传文件,这使得远程攻击者可以造成该文件作为HTML而被Internet Explorer的内容检查处理掉,又称"防止MIME-sniffing的不完全保护" 。
CVSS Information
N/A
Vulnerability Type
N/A