CVE-2001-0897

Name of the Vulnerable Software and Affected Versions Infopop Ultimate Bulletin Board (UBB) versions prior to 5.47e

Description The issue allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field. This is a cross-site scripting vulnerability.

Recommendations For versions prior to 5.47e, update to version 5.47e or later to resolve the issue. As a temporary workaround, consider restricting the use of [IMG] tags with about: URLs and onerror fields to minimize the risk of exploitation.