CVE-2008-2997

Name of the Vulnerable Software and Affected Versions Gravity Board X (GBX) version 2.0 Beta

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the subject parameter in a "postnewsubmit" (also known as "create new thread") action. This could potentially lead to unauthorized actions on the affected system.

Recommendations For Gravity Board X (GBX) version 2.0 Beta, consider restricting access to the "postnewsubmit" action until a fix is available, and avoid using the subject parameter in this action to minimize the risk of exploitation.