Bugtraq mailing list archives

ReBB javascripts vulnerability

From: skizzik () imail ru
Date: Mon, 04 Mar 2002 18:44:33 +0300

  Hi!

    Another php - board named ReBB 
(http://www.rebb.net) has a [img] vulnerability. 
   
  Exploit:
    Use this string (my favorite :)) - 
[img]javascript:alert('test')[/img]

  Possible decision:    
    All urls in [img] tag should start with http://

                                SliderGod

Current thread:

ReBB javascripts vulnerability skizzik (Mar 04)