PT-2002-2742 · Woltlab · Woltlab Burning Board
Published
2002-12-31
·
Updated
2008-09-05
·
CVE-2002-2021
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
WoltLab Burning Board version 1.1.1
Description
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the
message parameter. This can lead to the execution of malicious code on the victim's browser.Recommendations
For version 1.1.1, update to a newer version that contains a fix for this issue to prevent remote attackers from injecting arbitrary web script or HTML. As a temporary workaround, consider restricting the use of the
message parameter to minimize the risk of exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Woltlab Burning Board