Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.
References
Link | Resource |
---|---|
https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-12T04:00:00
Updated: 2018-02-12T03:57:02
Reserved: 2018-02-01T00:00:00
Link: CVE-2018-6506
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-12T04:29:00.207
Modified: 2018-03-06T14:10:07.957
Link: CVE-2018-6506
JSON object: View
Redhat Information
No data.
CWE