Bugtraq mailing list archives
Re: Open Bulletin Board javascript bug.
From: godminus <godminus () owns com>
Date: Tue, 26 Feb 2002 20:24:29 +0200
OpenBB is free php-based forum.
Exploit:
[img]javasCript:alert('Hello world.')[/img]
Vulnerable systems:
All versions of Open Bulletin Board including
v.1.0.0
Immune systems:
None
Solution:
All url's in [img] tags should start
with "http://";
Yurij Rumiantsev
Ikonboard version 3.0.1 is vulnerable for the same bug -- godminus
Current thread:
- Re: Open Bulletin Board javascript bug. godminus (Feb 26)
- RE: Open Bulletin Board javascript bug. Justin (Feb 27)