CVE-2013-7288

Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
mybbmybb
𝑥
≤ 1.6.11
mybbmybb
1.00
mybbmybb
1.0:beta4
mybbmybb
1.0:pr1
mybbmybb
1.0:pr2
mybbmybb
1.0:rc1
mybbmybb
1.0:rc2
mybbmybb
1.0:rc3
mybbmybb
1.0:rc4
mybbmybb
1.01
mybbmybb
1.1.0
mybbmybb
1.1.1
mybbmybb
1.1.2
mybbmybb
1.1.3
mybbmybb
1.1.4
mybbmybb
1.1.5
mybbmybb
1.1.6
mybbmybb
1.1.7
mybbmybb
1.1.8
mybbmybb
1.02
mybbmybb
1.2
mybbmybb
1.2.0
mybbmybb
1.2.1
mybbmybb
1.2.2
mybbmybb
1.2.3
mybbmybb
1.2.4
mybbmybb
1.2.5
mybbmybb
1.2.6
mybbmybb
1.2.7
mybbmybb
1.2.8
mybbmybb
1.2.9
mybbmybb
1.2.10
mybbmybb
1.2.11
mybbmybb
1.2.12
mybbmybb
1.2.13
mybbmybb
1.2.14
mybbmybb
1.03
mybbmybb
1.3:pre-1.0
mybbmybb
1.04
mybbmybb
1.4.0
mybbmybb
1.4.1
mybbmybb
1.4.2
mybbmybb
1.4.3
mybbmybb
1.4.4
mybbmybb
1.4.5
mybbmybb
1.4.6
mybbmybb
1.4.7
mybbmybb
1.4.8
mybbmybb
1.4.9
mybbmybb
1.4.10
mybbmybb
1.4.11
mybbmybb
1.4.12
mybbmybb
1.4.13
mybbmybb
1.4.14
mybbmybb
1.4.15
mybbmybb
1.4.16
mybbmybb
1.5.1
mybbmybb
1.5.2
mybbmybb
1.6.0
mybbmybb
1.6.1
mybbmybb
1.6.2
mybbmybb
1.6.3
mybbmybb
1.6.4
mybbmybb
1.6.5
mybbmybb
1.6.6
mybbmybb
1.6.7
mybbmybb
1.6.8
mybbmybb
1.6.9
mybbmybb
1.6.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blog.mybb.com/2013/12/16/mybb-1-6-12-released-security-maintenance-release
http://osvdb.org/show/osvdb/101544
http://secunia.com/advisories/55945
http://www.securityfocus.com/bid/64570
https://github.com/mybb/mybb/commit/238696e37d6a22b89e6bba11e4de3e6620cb5547
http://blog.mybb.com/2013/12/16/mybb-1-6-12-released-security-maintenance-release
http://osvdb.org/show/osvdb/101544
http://secunia.com/advisories/55945
http://www.securityfocus.com/bid/64570
https://github.com/mybb/mybb/commit/238696e37d6a22b89e6bba11e4de3e6620cb5547