CVE-2008-3966

Name of the Vulnerable Software and Affected Versions MyBB versions prior to 1.4.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected areas include a certain referrer field in "usercp2.php", a certain location field in "inc/functions online.php", and certain tsubject and psubject fields in "moderation.php".

Recommendations For versions prior to 1.4.1, update to version 1.4.1 or later to resolve the issue.