CVE-2002-1829

Name of the Vulnerable Software and Affected Versions OpenBB version 1.0.0 RC3

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved via several methods, including the myhome.php page, an onerror attribute in an IMG tag, or a glow tag.

Recommendations For OpenBB version 1.0.0 RC3, consider disabling the codeparse.php functionality until a patch is available to prevent exploitation of the XSS issue. Restrict access to the myhome.php page and avoid using onerror attributes in IMG tags or glow tags in the affected version to minimize the risk of exploitation.