CVE-2006-1894

Name of the Vulnerable Software and Affected Versions RevoBoard version 1.8

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag. This occurs when the application's e-mail address obfuscator reverses the transformation. The relationship between RevoBoard and PunBB might be relevant to this issue.

Recommendations For RevoBoard version 1.8, consider disabling the e-mail address obfuscator feature until a patch is available to prevent exploitation of the XSS issue.