Splatt Forum 3.0 - Image Tag HTML Injection

source: https://www.securityfocus.com/bid/4953/info

Splatt Forum does not filter HTML from image tags. This may allow an attacker to inject arbitrary script code in forum messages. Injected script code will be executed in the browser of an arbitrary web user who views the malicious forum message, in the context of the website running Splatt Forum.

This may potentially be exploited to hijack web content or steal cookie-based authentication credentials from legitimate users. 

[img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img]