5 lines
No EOL
400 B
Text
5 lines
No EOL
400 B
Text
source: http://www.securityfocus.com/bid/8480/info
|
|
|
|
IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of the user viewing the malicious message.
|
|
|
|
<a href="http://www.google.com" onclick="javascript:alert(document.cookie);">Google</a> |