VULHUB ™

A cross-site scripting vulnerability is reported in the YaBB forum 'YaBB.pl' script. As a result, it is possible for a remote attacker to create a malicious link to the affected page of a site hosting the web forum. The malicious link may contain arbitrary HTML and JavaScript code in URI parameters. When this link is visited by an unsuspecting web user, the attacker-supplied code will be executed in their browser in the security context of the vulnerable website.

A cross-site scripting vulnerability is reported in the YaBB forum 'YaBB.pl' script. As a result, it is possible for a remote attacker to create a malicious link to the affected page of a site hosting the web forum. The malicious link may contain arbitrary HTML and JavaScript code in URI parameters. When this link is visited by an unsuspecting web user, the attacker-supplied code will be executed in their browser in the security context of the vulnerable website.