CVE-2022-43708

MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name > MITRE Terms of Use apply – see LICENSE‑MITRE.txt