Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote malicious users to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yabb yabb 1_gold_-_sp_1.3 |
||
simple machines simple machines smf 1.0_b |
||
yabb yabb 1.5.1 |