CVE-2006-1716

Name of the Vulnerable Software and Affected Versions: MyBB (aka MyBulletinBoard) version 1.10

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag.

Recommendations: For MyBB (aka MyBulletinBoard) version 1.10, consider disabling the use of JavaScript events in BBCode img tags until a patch is available. Restrict access to the inc/functions post.php file to minimize the risk of exploitation. Avoid using the BBCode img tag with JavaScript events in posts until the issue is resolved.