ORIGINAL ADVISORY: http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html http://kapda.ir/advisory-305.html ---------- -Summary- Software: MyBB Sowtwares Web Site: http://www.mybboard.com Versions: 1.1.0 Class: Remote Status: Unpatched Exploit: Private Solution: Not Available Discovered by: imei addmimistrator Risk Level: medume Description There is a security bug in MyBB 1.1.0 software (latest version fully patched) that allows attacker performe a XSS cross site scripting attack. VISIT ORIGINALS TO MORE DETAILES;)
