Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2004-03-14 21:00
Updated : 2017-07-10 18:31
NVD link : CVE-2004-1827
Mitre link : CVE-2004-1827
JSON object : View
CWE
Products Affected
simple_machines
- simple_machines_smf
yabb
- yabb