Cross-Site Scripting (XSS) Vulnerability in miniBB 3.2.2 Administrative Panel's Add Forum Feature

Cross-Site Scripting (XSS) Vulnerability in miniBB 3.2.2 Administrative Panel's Add Forum Feature

CVE-2018-6506 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.

Learn more about our Web Application Penetration Testing UK.