7 lines
No EOL
407 B
Text
Executable file
7 lines
No EOL
407 B
Text
Executable file
source: http://www.securityfocus.com/bid/4167/info
|
|
|
|
The Extreme Message Board (XMB) 1.6 Magic Lantern pre-beta version reportedly allows JavaScript and HTML to be entered in messages. This can be achieved by entering script or HTML between [img] and [/img] tags in a forum message.
|
|
|
|
This has been fixed in the 1.6 Magic Lantern final beta version of XMB.
|
|
|
|
[img]javasCript:alert('Hello world.')[/img] |