Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-100369. PoCs published by Scott M.
AI-analyzed exploit summary This is a functional proof-of-concept for an HTML injection vulnerability in IdealBB, demonstrating how an attacker can inject malicious JavaScript code into board messages. The exploit uses an obfuscated JavaScript event handler to steal cookies when a user clicks the link.
Description
IdealBB 1.4.9 Beta - HTML Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Scott M · textwebappsasp
https://www.exploit-db.com/exploits/23055
This is a functional proof-of-concept for an HTML injection vulnerability in IdealBB, demonstrating how an attacker can inject malicious JavaScript code into board messages. The exploit uses an obfuscated JavaScript event handler to steal cookies when a user clicks the link.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
IdealBB (version not specified)
No auth needed
Prerequisites:
Access to post messages on the IdealBB board
MITRE ATT&CK
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026