In MyBB before 1.8.34, there is XSS in the User CP module via the user email field.
{ "cpes": [ "cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*" ], "severity": "Medium" }