Bugtraq mailing list archives
[IMG] tag vulnerability in vBulletin
From: frog frog <leseulfrog () hotmail com>
Date: 22 Mar 2002 22:56:43 -0000
product : vbulletin versions : 2.2.2, 2.2.0 , maybe others. Probleme : One knows that if one sendings this code in private message : [IMG]javascript:alert('hum');[/IMG] a space will be placed between "java" and "script". This filter can be by-passed : [IMG]javascript:alert('hop');[/IMG] More details in french : http://www.ifrance.com/kitetoua/tuto/vBulletin.txt Translated by google : http://translate.google.com/translate?u=http%3A% 2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto% 2FvBulletin.txt&langpair=fr%7Cen&hl=fr&prev=% 2Flanguage_tools frog-m@n
Current thread:
- [IMG] tag vulnerability in vBulletin frog frog (Mar 25)