EIP-2026-113457

The code describes a cross-site scripting (XSS) vulnerability in WoltLab Burning Board due to improper input sanitization in the 'folderid' parameter of 'pms.php'. An attacker can inject arbitrary script code to execute in a user's browser.