MyBB fixed a Persistent XSS (CVE-2021-27279) in MyBB < 1.8.25 | PT SWARM

MyBB fixed a Persistent XSS (CVE-2021-27279) in MyBB < 1.8.25 found by our researcher Igor Sak-Sakovskiy.

RCE is possible when chained with CVE-2021-27890, reported by Simon Scannell & Carl Smith.

Advisory: https://mybb.com/versions/1.8.25/

PT SWARM

🙋 2.98K
Technologies

Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...

Join
▲ Vote (1)

MyBB fixed a Persistent XSS (CVE-2021-27279) in MyBB < 1.8.25 | PT SWARM

Login