Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

YaBB Shadow BBCode Tag JavaScript Injection Issue Vulnerability Scan

Vulnerability Scan Summary
Acertains the version of YaBB

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a CGI application that is prone to
cross-site scripting attacks.

Description :

The remote host is using the YaBB web forum software.

According to its version number, the remote version of this software
is vulnerable to Javascript injection issues using shadow or glow
tags. This may allow a possible hacker to inject hostile Javascript into
the forum system, to steal cookie credentials or misrepresent site
content. When the form is submitted the malicious Javascript will be
incorporated into dynamically generated content.

See also :


Upgrade to YaBB 1 Gold SP 1.4 or later.

Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.