CVE-2006-1215

Name of the Vulnerable Software and Affected Versions Woltlab Burning Board (wBB) version 2.3.4

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the percent parameter in misc.php. The issue might be related to reflected XSS, although its validity has been disputed.

Recommendations For version 2.3.4, consider restricting access to the percent parameter in misc.php to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.