EIP-2026-100699
PRE-CVEFuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100699. PoCs published by steven.
AI-analyzed exploit summary The document describes multiple XSS vulnerabilities in FuseTalk Forum due to insufficient input sanitization. It details how unsanitized request data is echoed in error pages and how malicious script code can be injected via the 'tombstone.cfm' script.
Description
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by steven · textwebappscfm
https://www.exploit-db.com/exploits/24680
The document describes multiple XSS vulnerabilities in FuseTalk Forum due to insufficient input sanitization. It details how unsanitized request data is echoed in error pages and how malicious script code can be injected via the 'tombstone.cfm' script.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
FuseTalk Forum
No auth needed
Prerequisites:
Access to craft malicious URIs
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026