CVE-2009-2217

2009-06-2521:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via an invalid URL in a BBCode img tag.

References

osvdb.org/55266

secunia.com/advisories/35520

sourceforge.net/forum/message.php?msg_id=7455625

sourceforge.net/forum/message.php?msg_id=7456208

sourceforge.net/tracker/?func=detail&aid=2809888&group_id=235382&atid=1096820

exchange.xforce.ibmcloud.com/vulnerabilities/51288