Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.
{ "cpes": [ "cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*" ], "severity": "Medium" }