Infopop · Infopop Ultimate Bulletin Board · CVE-2003-0587
Name of the Vulnerable Software and Affected Versions:
Infopop Ultimate Bulletin Board (UBB) versions 6.x
Description:
The issue allows remote authenticated users to execute arbitrary web script and gain administrative access. This is achieved via the `displayed name` attribute of the `ubber` cookie.
Recommendations:
For Infopop Ultimate Bulletin Board (UBB) versions 6.x, update the software to a version that fixes this issue, ensuring that the `displayed name` attribute of the `ubber` cookie is properly sanitized to prevent arbitrary web script execution.