In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.
Source: NIST
CVE-2019-12830
Security in mind
In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.
Source: NIST
CVE-2019-12830