Bugtraq mailing list archives
RE: Open Bulletin Board javascript bug.
From: "Justin" <jwgolihew () cs millersville edu>
Date: Tue, 26 Feb 2002 21:05:07 -0500
Snitz Forums 2000, another free bulletin board software is also vulnerable. -----Original Message----- From: godminus [mailto:godminus () owns com] Sent: Tuesday, February 26, 2002 1:24 PM To: bugtraq () securityfocus org Subject: Re: Open Bulletin Board javascript bug.
OpenBB is free php-based forum. Exploit: [img]javasCript:alert('Hello world.')[/img] Vulnerable systems: All versions of Open Bulletin Board including v.1.0.0 Immune systems: None Solution: All url's in [img] tags should start with "http://" Yurij Rumiantsev
Ikonboard version 3.0.1 is vulnerable for the same bug -- godminus
Current thread:
- Re: Open Bulletin Board javascript bug. godminus (Feb 26)
- RE: Open Bulletin Board javascript bug. Justin (Feb 27)