header-logo
Suggest Exploit
vendor:
PunBB
by:
SecurityFocus
7.5
CVSS
HIGH
HTML Injection
79
CWE
Product Name: PunBB
Affected Version From: 1.2.2003
Affected Version To: 1.2.2003
Patch Exists: YES
Related CWE: N/A
CPE: a:punbb:punbb
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

PunBB Multiple HTML Injection Vulnerabilities

PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication credentials.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12828/info

PunBB is reportedly affected by multiple HTML injection vulnerabilities.

An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication credentials.

PunBB 1.2.3 is reported vulnerable, however, other versions may be affected as well. 

example@"/><script>alert()</script>.com

Navigation

Suggest Exploit

Services By CQR