CVE-2022-43709

Published November 22nd, 2022

View on NVD ↗

CVSS v3

4.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings.

mybb/mybb

MyBB is a free and open source forum software.

GitHub

1.22K