Cross-Site Scripting Vulnerability in MyBB User Control Panel
CVE-2016-9406

6.1MEDIUM

Key Information:

Vendor: Mybb
Status: Mybb; Merge System
Vendor: CVE Published:; 31 January 2017

What is CVE-2016-9406?

A cross-site scripting vulnerability exists in the user control panel of MyBB, which allows remote attackers to inject arbitrary web scripts or HTML. This issue affects versions prior to 1.8.7 of MyBB and the MyBB Merge System, making it a potential target for exploitation through unspecified vectors. It is crucial for users to update to the latest versions to mitigate this risk.