YABB/YABB SE Multiple Cross-Site Scripting Vulnerabilites

info
discussion
exploit
solution
references

YABB/YABB SE Multiple Cross-Site Scripting Vulnerabilites

It has been reported that YaBB and YaBB SE are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the applications to properly validate URI supplied user input.

Attackers may exploit this vulnerability to steal authentication credentials. Other attacks may also be possible.