CVE-2018-25309

Name of the Vulnerable Software and Affected Versions MyBB Recent threads version 17.0

Description A persistent cross-site scripting issue allows attackers to inject malicious scripts by creating threads with crafted subject lines. By using script tags in the subject parameter, an attacker can execute arbitrary JavaScript in the browsers of all users who view the index page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.