CVE-2022-43709EPSS p46.1%

CVE-2022-43709CVE-2022-43709

mybb / mybb

Description

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings.

Scoring

CVSS 4.9 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS0.65% probability of exploitation · percentile 46.1% · 2026-06-18T12:00:27Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.