Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-41866

Disclosure Date: October 26, 2021 (last updated February 23, 2025)
MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0