CVE-2018-6506

CVE: CVE-2018-6506
Published: 2018-02-12T04:29Z
Vendor: minibb
Products: minibb
Versions: 3.2.2,
Description Language: en
Description: Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.
References:
MiniBB Forums v3.2.2 – Stored XSS