EIP-2026-100368
PRE-CVEIdealBB 1.4.9 - 'error.asp' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100368. PoCs published by G00db0y.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in IdealBB's error.asp page due to insufficient sanitization of URI parameters. An attacker can inject malicious scripts via the 'msg' parameter to steal cookies or perform other client-side attacks.
Description
IdealBB 1.4.9 - 'error.asp' Cross-Site Scripting
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by G00db0y · textwebappsasp
https://www.exploit-db.com/exploits/22992
The exploit describes a cross-site scripting (XSS) vulnerability in IdealBB's error.asp page due to insufficient sanitization of URI parameters. An attacker can inject malicious scripts via the 'msg' parameter to steal cookies or perform other client-side attacks.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
IdealBB (version not specified)
No auth needed
Prerequisites:
Victim must follow a malicious link
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026