CVE-2018-15596

CVE-2018-15596

An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren’t sanitized, leading to XSS.

Source: CVE-2018-15596

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다