CVE-2002-0330

OpenBB 1.0.0 - Cross-Site Scripting via IMG Tag

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0330. PoCs published by skizzik.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in OpenBB by injecting arbitrary JavaScript code via the [img] tag. The PoC shows how an attacker can execute script code in the context of the vulnerable website, potentially stealing cookie-based authentication credentials.

Description

Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag.

Exploits (2)

exploitdb WORKING POC VERIFIED
by skizzik · textwebappsphp
https://www.exploit-db.com/exploits/21301

This exploit demonstrates a stored XSS vulnerability in OpenBB by injecting arbitrary JavaScript code via the [img] tag. The PoC shows how an attacker can execute script code in the context of the vulnerable website, potentially stealing cookie-based authentication credentials.

Classification
Working Poc 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: OpenBB (version not specified)
No auth needed
Prerequisites: Access to post a message in the OpenBB forum
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP
webappsphp
https://www.exploit-db.com/exploits/21474

The document describes a cross-site scripting (XSS) vulnerability in OpenBB forum software due to inadequate HTML tag replacement within BBCodes. It provides a proof-of-concept payload demonstrating how arbitrary HTML/JS can be injected via malformed BBCodes.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: OpenBB (version not specified)
No auth needed
Prerequisites: Access to post messages in the forum
MITRE ATT&CK
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101466092601554&w=2
Various Sources x_refsource_confirm
http://community.iansoft.net/read.php?TID=5159
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4171
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8278.php
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5658

Scores

EPSS 0.0785
EPSS Percentile 93.9%

Details

Status published
Products (3)
openbb/openbb 1.0.0_beta1
openbb/openbb 1.0.0_rc1
openbb/openbb 1.0.0_rc2
Published Jun 25, 2002
Tracked Since Feb 18, 2026