1. CVE-Search
  2. CVE-2005-4603
ID CVE-2005-4603
Summary Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread.
References
Vulnerable Configurations
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_pr2:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_pr2:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc2:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc2:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc3:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc3:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_rc4:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_rc4:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4_security_patch:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4_security_patch:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:rc1:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:rc2:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:rc2:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:rc3:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:rc3:*:*:*:*:*:*:*
  • cpe:2.3:a:mybulletinboard:mybulletinboard:rc4:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:rc4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 19-10-2018 - 15:41)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 16096
bugtraq 20051231 MyBB XSS cross-site scripting
osvdb 21601
secunia 18281
sreason 310
vupen ADV-2006-0012
Last major update 19-10-2018 - 15:41
Published 31-12-2005 - 05:00
Last modified 19-10-2018 - 15:41
Back to Top