CVE-2023-53979

Name of the Vulnerable Software and Affected Versions MyBB version 1.8.32

Description MyBB version 1.8.32 contains a chained issue that allows authenticated administrators to bypass avatar upload restrictions and potentially execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration editing interface. The vulnerability involves bypassing restrictions on avatar uploads, which can lead to the execution of unauthorized code.

Recommendations Update to a newer version that contains a fix for this vulnerability.