CVE-2023-53976
BaseFortify
Publication date: 2025-12-22
Last updated on: 2025-12-27
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mybb | mybb | 1.8.26 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-53976 is a stored cross-site scripting (XSS) vulnerability in myBB Forums version 1.8.26. It occurs in the template management system where authenticated administrators can inject malicious JavaScript code into the template title field when creating new templates. This malicious script is then stored and executed whenever the compromised template is viewed, allowing arbitrary JavaScript to run in the context of the application. [2, 3]
How can this vulnerability impact me? :
This vulnerability can allow attackers with administrator access to inject malicious scripts that execute arbitrary JavaScript in the context of the forum application. This can lead to unauthorized actions such as session hijacking, defacement, or theft of sensitive information from users or administrators viewing the affected templates. It compromises the security and integrity of the forum environment. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to inject typical XSS payloads into the template title field via the administrative interface at 'Templates and Style' > 'Templates' > 'Manage Templates' > 'Global Templates'. For example, an authenticated administrator can try submitting a payload like "><img src=x onerror=alert(1)>" in the template title field and then view the template to see if the script executes. Detection involves monitoring HTTP POST requests to the template management endpoints for suspicious input and checking the rendered templates for unsanitized script execution. Specific commands would involve using tools like curl or Burp Suite to send crafted POST requests to the admin endpoints and inspecting responses. For example, a curl command to test injection might be: curl -X POST -d "title=\"><img src=x onerror=alert(1)>" https://yourforum.com/admin/index.php?module=templates&action=add_template. However, exact commands depend on your environment and authentication method. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting administrative access to trusted users only, ensuring that only authenticated administrators can access the template management system. Avoid creating or editing templates with untrusted input. Applying any available patches or updates from the myBB project that address this vulnerability is critical. If a patch is not yet available, consider disabling the template management feature temporarily or implementing input validation and output encoding on the template title field to prevent script injection. Monitoring and auditing administrative actions for suspicious template creations can also help mitigate exploitation. [2]