• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Ikonboard Message Body Cross Agent Scripting Vulnerability

Ikonboard is a web based bulletin board package implemented in Perl. It may be installed under Linux, Windows, or many Unix platforms.

If HTML is enabled, it has been reported that an attacker may include JavaScript content in a message body. When the message is viewed by another user of the system, the script code will execute within the context of the Ikonboard site.