CVE-2018-14575

Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt