RIPS Technologies Blog: MyBB <= 1.8.20: From Stored XSS to RCE

Impact Your browser does not support the video tag.
We discovered a Stored XSS vulnerability that occured due to a parsing error in posts and private messages in MyBB 1.8.20 and prior versions, as well as an authenticated Remote Code Execution vulnerability that can be exploited by administrators…


Leave a Reply