GCVE - cpe:2.3:a:mybb:active_threads:1.3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mybb:active_threads:1.3.0:*:*:*:*:*:*:*

part: a version: 1.3.0 update: *

Vendor	Mybb (`8821e130-2590-5689-a7de-85bc65b3bdf4`)
Product	Active Threads (`c20e4251-d710-53c9-b778-ddb553d2e9ad`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/mybbgroup/active-threads`	purl2cpe	2026-06-01 10:11:09.764922

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-28354`	vulnerable	2026-06-03 14:46:54.745923	Details available In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period. Published: 2023-04-24T00:00:00.000Z Updated: 2025-02-04T16:40:32.925Z Open on db.gcve.eu Reference links https://community.mybb.com/mods.php?action=view&pid=1336 http://packetstormsecurity.com/files/171402/MyBB-Active-Threads-1.3.0-Cross-Site-Scripting.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.