CVE-2009-4937

Name of the Vulnerable Software and Affected Versions Small Pirate (SPirate) version 2.1

Description The issue allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an img BBCode tag within a url BBCode tag, which can lead to cross-site scripting (XSS).

Recommendations For version 2.1, consider disabling the use of img and url BBCode tags until a patch is available to prevent exploitation.