MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags.
MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when o
MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script pa
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displ
Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. At
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcement
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a ne
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and B
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the reply_text parameter. Attackers can post
XMB Forum 1.9.12.06 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript into templates and front page settings. Attackers c
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templat
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add cra
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.3.120 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2
A stored cross-site scripting (XSS) vulnerability in the component install\index.php of MyBB v1.8.38 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the W
Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'comment_author' POST parameter that allows attackers to inject malicious scripts. Attackers can submit crafted JavaScript pa
Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoin
A cross-site scripting (XSS) vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost.
Page 1+ Next →