CVE-2021-27279
- Source
- https://cve.org/CVERecord?id=CVE-2021-27279
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27279.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-27279
- Aliases
- Related
- Published
- 2021-02-22T20:15:13.243Z
- Modified
- 2026-01-30T11:14:44.990185Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
- References
-
- https://github.com/mybb/mybb/commit/cb781b49116bf5c4d8deca3e17498122b701677a
- https://github.com/mybb/mybb/security/advisories/GHSA-6483-hcpp-p75w
- https://mybb.com/versions/1.8.25/
- https://github.com/mybb/mybb/commit/cb781b49116bf5c4d8deca3e17498122b701677a
- https://github.com/mybb/mybb/security/advisories/GHSA-6483-hcpp-p75w
Affected packages
Git / github.com/mybb/mybb
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mybb/mybb
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
mybb_1800
mybb_1801
mybb_1804
mybb_1805
mybb_1806
mybb_1807
mybb_1808
mybb_1809
mybb_1810
mybb_1811
mybb_1812
mybb_1813
mybb_1814
mybb_1815
mybb_1815_build
mybb_1816
mybb_1816_build
mybb_1817
mybb_1817_build
mybb_1818
mybb_1818_build
mybb_1819
mybb_1819_build
mybb_1820
mybb_1820-rc
mybb_1820_build
mybb_1821
mybb_1821_build
mybb_1821pl1
mybb_1822
mybb_1822_build
mybb_1823
mybb_1823_build
mybb_1824