Simple Oekaki BBS vulnerable to cross-site scripting
Overview Simple Oekaki BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of oekakis parameter in index.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...