Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
source: wwwsecurityfocuscom/bid/15342/info
XMB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site A successful exploit could ...
source: wwwsecurityfocuscom/bid/16604/info
XMB Forum is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input
Successful exploits of these vulnerabilities could allow an attacker to compromise the application, a ...