CVE

Id
55569  
CVE No.
CVE-2012-2326  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment.  
Phase
Assigned (20120419)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
579778 55569 CVE-2012-2326 MLIST:[oss-security] 20120507 CVE request: mybb before 1.6.7  View
579779 55569 CVE-2012-2326 URL:http://www.openwall.com/lists/oss-security/2012/05/07/13  View
579780 55569 CVE-2012-2326 MLIST:[oss-security] 20120507 Re: CVE request: mybb before 1.6.7  View
579781 55569 CVE-2012-2326 URL:http://www.openwall.com/lists/oss-security/2012/05/07/14  View
579782 55569 CVE-2012-2326 CONFIRM:http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/  View
579783 55569 CVE-2012-2326 BID:53417  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
27877 JVNDB-2012-003584 Serendipity におけるクロスサイトスクリプティングの脆弱性 Serendipity の serendipity/serendipity_admin_image_selector.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-2331 55569 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003584.html  View