Stealien

**Name of the Vulnerable Software and Affected Versions** YITH Custom Login versions 1.7.0 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. **Recommendations** For YITH Custom Login versions 1.7.0 and earlier, update to a version later than 1.7.0 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MyBB versions prior to 1.8.22 **Description** The issue concerns an Installer Remote Code Execution (RCE) vulnerability related to settings file write in MyBB. **Recommendations** For MyBB versions prior to 1.8.22, update to version 1.8.22 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MyBB versions prior to 1.8.22 **Description** The issue allows for an open redirect on login. **Recommendations** For versions prior to 1.8.22, update to version 1.8.22 or later to resolve the issue.