Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyBB ‘mycode_parse_video’函数跨站脚本漏洞
Vulnerability Description
MyBB(又名MyBulletinBoard)是MyBB团队开发的一套用PHP和MySQL开发的免费且基于Web的论坛软件。该软件具有简单易用、支持多国语言、可扩展等特点。 MyBB 1.6.11及之前的版本中的inc/class_parser.php脚本中的‘mycode_parse_video’函数中存在跨站脚本漏洞,该漏洞源于脚本没有正确验证Yahoo视频URL。远程攻击者可利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A