Vulnerabilities > Mybb > Mybb > 1.6.11

DATE CVE VULNERABILITY TITLE RISK
2014-01-10 CVE-2013-7288 Cross-Site Scripting vulnerability in Mybb
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
network
mybb CWE-79
4.3
4.3
2014-01-08 CVE-2013-7275 Cross-Site Scripting vulnerability in Mybb
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup.
network
mybb CWE-79
4.3
4.3