Cross-Site Scripting (XSS) Vulnerability in Moderator Log Notes Plugin 1.1 for MyBB

Cross-Site Scripting (XSS) Vulnerability in Moderator Log Notes Plugin 1.1 for MyBB

CVE-2018-11430 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea.

Learn more about our Web Application Penetration Testing UK.