CVE-2005-3776

Name of the Vulnerable Software and Affected Versions MyBB version 1.0 PR2 Rev 686

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via two main avenues: the subject field when creating a new thread and information passed to the Reputation system.

Recommendations For MyBB version 1.0 PR2 Rev 686, as a temporary workaround, consider restricting user input in the subject field when creating new threads and limiting the information that can be passed to the Reputation system until a fix is available.