VULHUB ™

Ikonboard does not sufficiently sanitize HTML from photo URIs in user profiles. An attacker may take advantage of this issue to embed malicious script code into their user profile. When the profile is viewed by other users, the attacker-supplied script code will execute in the security context of the site hosting the Ikonboard software. This issue was reported in Ikonboard 3.1.1. Other versions may also be affected.

Ikonboard does not sufficiently sanitize HTML from photo URIs in user profiles. An attacker may take advantage of this issue to embed malicious script code into their user profile. When the profile is viewed by other users, the attacker-supplied script code will execute in the security context of the site hosting the Ikonboard software. This issue was reported in Ikonboard 3.1.1. Other versions may also be affected.