FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mybb -- vulnerabilities

Affected packages
mybb < 1.8.20_1


VuXML ID 395ed9d5-3cca-11e9-9ba0-4c72b94353b5
Discovery 2019-02-27
Entry 2019-03-02
Modified 2019-03-04

mybb Team reports:

Medium risk: Reset Password reflected XSS

Medium risk: ModCP Profile Editor username reflected XSS

Low risk: Predictable CSRF token for guest users

Low risk: ACP Stylesheet Properties XSS

Low risk: Reset Password username enumeration via email