Register Log In

UBB.threads PHP Forum Software Community Forums UBB.classic [Archived] UBB.classic Bugs cross-site scripting attacks [FIXED - 6.1.0.4]

Print Thread

Hop To

cross-site scripting attacks [FIXED - 6.1.0.4] #113102 01/18/2002 10:18 AM
Anonymous Unregistered
Anonymous Unregistered	UBB is prone to cross-site scripting attacks via the insertion of HTML tags into image links in messages. Due to insufficient input validation, it is possible to insert arbitrary script code in forum messages/replies. The malicious script code will be executed in the browser of the user viewing the message, in the context of the site running UBB. [enough with the linking already, we fixed this last week...] Comments? [This message was edited by Charles Capps on 18 Jan 02 at 10:23 AM.] [This message was edited by Charles Capps on November 05, 2002 at 09:37 AM.]

Re: cross-site scripting attacks [FIXED - 6.1.0.4] #113103 01/18/2002 10:42 AM
Anonymous Unregistered
Anonymous Unregistered	Fixed in 6.1.0.4/6.2.0 Beta 1.2.

Link Copied to Clipboard

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

Bots
by Outdoorking - 04/13/2024 5:08 PM

Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM

Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM

This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM

Is UBB.threads still going?
by Aaron101 - 04/01/2022 8:18 AM

Who's Online Now

1 members (1 invisible), 920 guests, and 238 robots.

Key: Admin, Global Mod, Mod

Random Gallery Image

Latest Gallery Images

Los Angeles

Los Angeles
by isaac, August 6

3D Creations

3D Creations
by JAISP, December 30

Artistic structures

Artistic structures
by isaac, August 29

Stones

Stones
by isaac, August 19

Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)