yMonda Thread-IT Multiple Fields HTML Injection Vulnerability

yMonda Thread-IT Multiple Fields HTML Injection Vulnerability

The following proof of concept was provided:

"><script> this code will hide every thing after it including the the board topics if any attacker write it in the topic title.

<script>windows.open("URL");</script> this code will open a new window when the board loaded.