CVE-2018-25309 in Recent threadsinfo

Zusammenfassung

von MITRE • 29.04.2026

MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create threads with script tags in the subject parameter to execute arbitrary JavaScript in the browsers of all users viewing the index page.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

29.04.2026

Veröffentlichung

29.04.2026

Moderieren

akzeptiert

Eintrag

VDB-360225

CPE

bereit

CWE

CWE-79 (bestätigt)

Exploit

Download

CVSS

7.2 (CNA)

EPSS

0.00028

KEV

nein

Aktivitäten

very low

Sektor

Agriculture, Hostingprovider, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25309
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25309
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25309/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!