Sinisterly
[MyBB 1.6.9]Reflected XSS in ModCP - Printable Version

[MyBB 1.6.9]Reflected XSS in ModCP - 1llusion - 02-19-2013

Hi!

So I've discovered an XSS vulnerability in MyBB. The vulnerability affects version 1.6.9 (the newest release at the date of writing this thread - 19.2.2013) and possibly all previous versions too.

In the following link, you will find an example of the exploit and also a way to patch it.
I have contacted MyBB and the official fix will be released in the next version (1.6.10).

http://blog.1llusion.info/2013/02/mybb-169-and-possibly-all-previous.html

Have a nice day!