Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Yabb | Yabb | 0.01_release-gold (including) | 0.01_release-gold (including) |
| Yabb | Yabb | 0.01_sp1-gold (including) | 0.01_sp1-gold (including) |
| Yabb | Yabb | 2000-09-01 (including) | 2000-09-01 (including) |
| Yabb | Yabb | 2000-09-11 (including) | 2000-09-11 (including) |
References
- http://online.securityfocus.com/archive/1/249031
- http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info\u0026id=3828
- http://www.iss.net/security_center/static/7840.php
- http://www.osvdb.org/2019
- http://www.yabbforum.com/
- http://online.securityfocus.com/archive/1/249031
- http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info\u0026id=3828
- http://www.iss.net/security_center/static/7840.php
- http://www.osvdb.org/2019
- http://www.yabbforum.com/