Vulnerabilities > CVE-2006-0495 - HTML Injection vulnerability in Mybulletinboard 1.0.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
mybulletinboard
Summary
Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |