EIP-2026-100369

PRE-CVE

IdealBB 1.4.9 Beta - HTML Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100369. PoCs published by Scott M.

AI-analyzed exploit summary This is a functional proof-of-concept for an HTML injection vulnerability in IdealBB, demonstrating how an attacker can inject malicious JavaScript code into board messages. The exploit uses an obfuscated JavaScript event handler to steal cookies when a user clicks the link.

Description

IdealBB 1.4.9 Beta - HTML Injection

Exploits (1)

exploitdb WORKING POC VERIFIED
by Scott M · textwebappsasp
https://www.exploit-db.com/exploits/23055

This is a functional proof-of-concept for an HTML injection vulnerability in IdealBB, demonstrating how an attacker can inject malicious JavaScript code into board messages. The exploit uses an obfuscated JavaScript event handler to steal cookies when a user clicks the link.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IdealBB (version not specified)
No auth needed
Prerequisites: Access to post messages on the IdealBB board
MITRE ATT&CK
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026