En

MyBB官网安全更新(2019-06-10)

来源:MyBB官网 发布日期:2019-06-10 阅读次数:293 评论:0

基本信息

发布日期:2019-06-10(官方当地时间)

更新类型:安全更新

更新版本:1.8.21

感知时间:2019-12-05 19:42:00

风险等级:高危

情报贡献:TSRC

更新标题

MyBB 1.8.21 Released — Security & Maintenance Release

更新详情


High risk: Theme import stylesheet name RCE — reported by Simon Scannell and Robin Peraglie of RIPS Technologies
High risk: Nested video MyCode persistent XSS — reported by Simon Scannell and Robin Peraglie of RIPS Technologies
Medium risk: Find Orphaned Attachments reflected XSS — reported by Simon Scannell of RIPS Technologies
Medium risk: Post edit reflected XSS — reported by adm1nkyj of ENKI
Medium risk: Private Messaging folders SQL injection — reported by Alex of DiscoveryGC
Low risk: Potential phar deserialization through Upload Path — reported by Simon Scannell of RIPS Technologies

软件描述

MyBB是国际上非常优秀的免费论坛软件

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入