RE: Open Bulletin Board javascript bug.

["Nate Pinchot" <npinchot () ccservice cc>]

>   OpenBB is free php-based forum.  
>
>   Exploit:
>   [img]javasCript:alert('Hello world.')[/img]
>
>   Vulnerable systems:
>   All versions of Open Bulletin Board including v.1.0.0 
>
>   Immune systems:
>   None
>
>   Solution:
>   All url's in [img] tags should start with "http://"; 

I had actually informed them about this bug a long time ago and
they informed me they were working on a patch. This was 2 months
ago. Since you posted this to bugtraq they finally released a patch.
The patch can be found here:
http://community.iansoft.net/read.php?TID=5159

For any who care about the technical details of the patch,  they did
NOT filter [img] tags so that they start with http:// as suggested. They
filtered javascript: and some other hex codes. Chances are it is still
vulnerable, and I informed them of this, they don't seem to care.