CVE-2012-1604

Cross-site scripting XSS vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php...

CVE-2012-1604

CVE-2012-1604 affects NextBBS 0.6 with an XSS in index.php via the do parameter. Root cause: insufficient input sanitization leads to script/HTML injection. Impact: remote attackers can execute arbitrary script in a victim’s browser. Exploit availability: CIRCL/ExploitsDB reference exists (exploi...