WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability

WoltLab Burning Board Lite is prone to a cross-site scripting vulnerability. The cause of the vulnerability is that user-supplied data in the form of HTML and script code is not sufficiently sanitized before being output in dynamically generated Web pages.

An attacker could exploit this issue by enticing a Web user into following a malicious link that contains hostile HTML and script code. This may allow for theft of cookie-based authentication credentials or other attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus