Mibew

mibew

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-17476 1Mibew 1Messenger Nov 21, 2024 Aug 10, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
CVE-2012-0829 1Mibew 1Mibew Messenger Apr 29, 2026 Feb 14, 2012 N/A· v4 N/A· v3 6.0 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting (XSS) sequenc...Show more Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting (XSS) sequences via the (1) address or (2) threadid parameters to operator/ban.php; or (3) geolinkparams, (4) title, or (5) chattitle parameters to operator/settings.php.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2020-17476

1Mibew

1Messenger

Nov 21, 2024

Aug 10, 2020

N/A· v4

6.1 MEDIUM· v3

4.3 MEDIUM· v2

Mibew Messenger before 3.2.7 allows XSS via a crafted user name.

CVE-2012-0829

1Mibew

1Mibew Messenger

Apr 29, 2026

Feb 14, 2012

N/A· v4

N/A· v3

6.0 MEDIUM· v2

Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting (XSS) sequences via the (1) address or (2) threadid parameters to operator/ban.php; or (3) geolinkparams, (4) title, or (5) chattitle parameters to operator/settings.php.Show less