MyBB Thread Redirect 0.2.1 Cross Site Scripting ≈ Packet Storm – Digitalmunition

Exploit/Advisories

Published on February 4th, 2021 📆 | 3113 Views ⚑

0

MyBB Thread Redirect 0.2.1 Cross Site Scripting ≈ Packet Storm

MyBB Thread Redirect 0.2.1 Cross Site Scripting: Posted Feb 1, 2021; Authored by 0xB9; MyBB Thread Redirect plugin version 0.2.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; MD5 | 05e67e18d45785761cd520d48cd42fba; Download | Favorite | View

# Exploit Title: MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting
# Date: 7/23/2018
# Author: 0xB9
# Software Link: https://github.com/jamiesage123/Thread-Redirect
# Version: 0.2.1
# Tested on: Windows 101. Description:
This plugin allows threads to redirect to a URL with optional custom text. The custom text input is vulnerable to Cross-Site Scripting.
2. Proof of Concept:
- Create a new thread
- Input any Thread Subject and Redirect URL you'd like
- Use the following payload for Your Message     
Anyone who views the thread will execute payload.

Tagged with: advisory • cross • CSRF • exploit • MyBB • overflow • packet • redirect • scanner • scripting • security • Site • storm • thread • vulnerability • whitepaper • XSS

Leave a Reply Cancel reply

You must be logged in to post a comment.

we are all about Ethical Hacking, Penetration Testing & Computer Security. We share and comment on interesting infosec related news, tools and more. Follow us on RSS ,Facebook or Twitter for the latest updates. DigitalMunition is designed to help Auditors, Pentesters & Security Experts to keep their ethical hacking oriented toolbox up-to-date .
This website is made for educational and ethical testing purposes only。It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this website.

Archives

© DigitalMunition Privacy Policy Disclaimer T&C

Back to Top ↑