Description
Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by "&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116".
Published: 2006-01-22
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2006-0371 Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by "&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116".
History

No history.

Subscriptions

Mybulletinboard Mybulletinboard
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T16:34:14.419Z

Reserved: 2006-01-22T00:00:00.000Z

Link: CVE-2006-0364

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-01-22T20:03:00.000

Modified: 2026-04-16T00:27:16.627

Link: CVE-2006-0364

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses