Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yabb yabb 1_gold_-_sp_1.3.1 |
||
yabb yabb 1_gold_-_sp_1.3.2 |
||
yabb yabb 1_gold_-_sp_1.2 |
||
yabb yabb 1_gold_-_sp_1.3 |
||
yabb yabb 1.41 |
||
yabb yabb 1_gold_-_sp_1 |
||
yabb yabb 2000-09-11 |
||
yabb yabb 1.40 |
||
yabb yabb 1_gold_release |
||
yabb yabb 2000-09-01 |