JVN#77193915: Twit BBS vulnerable to cross-site scripting

2015-09-01T00:00:00
ID JVN:77193915
Type jvn
Reporter Japan Vulnerability Notes
Modified 2015-09-01T00:00:00

Description

## Description

Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting (CWE-79) vulnerability due to the processing of imagetitle parameter in index.php.

## Impact

An arbitrary script may be executed on the user's web browser.

## Solution

Do not use Twit BBS
Twit BBS is no longer being developed or maintained. It is recommended to stop using Twit BBS.

## Products Affected

  • Twit BBS