CVE-2018-19202

Publication date

2019-04-11 20:00:10

Family

mitre

State

PUBLISHED

Description

A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the upsetting[bburl] parameter.