CVE-2022-28354

CVSS V2 None CVSS V3 None
Description
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.
Overview
  • CVE ID
  • CVE-2022-28354
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Received
  • Published Version
  • 2023-04-24T21:15:09
  • Last Modified Date
  • 2023-04-24T21:15:09
References
Reference URL Reference Tags
http://packetstormsecurity.com/files/171402/MyBB-Active-Threads-1.3.0-Cross-Site-Scripting.html
https://community.mybb.com/mods.php?action=view&pid=1336
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-28354
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28354
History
Created Old Value New Value Data Type Notes
2023-04-24 22:00:46 Added to TrackCVE