Bugtraq mailing list archives
Re: SECURITY.NNOV: ikonboard 3.1.1 CSS
From: "Rajkumar S." <listuser () myrealbox com>
Date: Fri, 4 Oct 2002 23:59:09 +0530 (IST)
On Fri, 4 Oct 2002, 3APA3A wrote:
The only change in Ikonboard 3.1.1 (at least on sending private messages) is it checks URL extension to be .gif or .jpg, so [IMG]javascript:alert(document.cookie).gif[/IMG] still works perfectly....
Not working for me, IconBoard 3.1.1 Error message is Sorry, dynamic pages in the [IMG] tags are not allowed raj
Current thread:
- SECURITY.NNOV: ikonboard 3.1.1 CSS 3APA3A (Oct 04)
- Re: SECURITY.NNOV: ikonboard 3.1.1 CSS Rajkumar S. (Oct 07)