Description
Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Daniel Nyström · textwebappsphp
https://www.exploit-db.com/exploits/21399
References (3)
Core 3
Core References
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8879.php
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0263.html
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4548
Scores
EPSS
0.0544
EPSS Percentile
90.2%
Details
Status
published
Products (1)
icredibb/icredibb
1.1_beta
Published
Jun 18, 2002
Tracked Since
Feb 18, 2026