Cross-Site Scripting Vulnerability in MyBB Control Panel
CVE-2016-9408
6.1MEDIUM
What is CVE-2016-9408?
A cross-site scripting vulnerability exists in the Mod control panel of MyBB, a popular forum software, prior to version 1.8.7. The flaw enables remote attackers to inject arbitrary web scripts or HTML by exploiting functionalities associated with user account editing. This could lead to unauthorized actions on behalf of users and compromise the integrity of user data, thereby posing a significant security risk for MyBB installations.