Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Yabb | Yabb | 1.40 | 1.40 |
Yabb | Yabb | 1.41 | 1.41 |
Yabb | Yabb | 1_gold_-_sp_1 | 1_gold_-_sp_1 |
Yabb | Yabb | 1_gold_-_sp_1.2 | 1_gold_-_sp_1.2 |
Yabb | Yabb | 1_gold_-_sp_1.3 | 1_gold_-_sp_1.3 |
Yabb | Yabb | 1_gold_-_sp_1.3.1 | 1_gold_-_sp_1.3.1 |
Yabb | Yabb | 1_gold_-_sp_1.3.2 | 1_gold_-_sp_1.3.2 |
Yabb | Yabb | 1_gold_release | 1_gold_release |
Yabb | Yabb | 2000-09-01 | 2000-09-01 |
Yabb | Yabb | 2000-09-11 | 2000-09-11 |