9 lines
No EOL
426 B
Text
9 lines
No EOL
426 B
Text
source: http://www.securityfocus.com/bid/12958/info
|
|
|
|
XM Forum is reported prone to a script injection vulnerability.
|
|
|
|
An attacker can supply arbitrary HTML and script code through the BBCode IMG tag to trigger this issue and execute arbitrary script code in a user's browser.
|
|
|
|
XM Forum RC3 is reported vulnerable. It is possible that other versions are affected as well.
|
|
|
|
[IMG]javasc+ript:alert(document.cookie)[/IMG] |