Re: Open Bulletin Board javascript bug.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>   OpenBB is free php-based forum.  
>
>   Exploit:
>   [img]javasCript:alert('Hello world.')[/img]
>
>   Vulnerable systems:
>   All versions of Open Bulletin Board including 
>   v.1.0.0 
>
>  Immune systems:
>   None
>
>   Solution:
>   All url's in [img] tags should start  
>   with "http://"; 
>
>                                    Yurij Rumiantsev  

Ikonboard version 3.0.1 is vulnerable for the same bug

 -- godminus
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux