EIP-2026-113462
PRE-CVEWoltlab Burning Board 2.3.x - 'register.php' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113462. PoCs published by blueshisha.
AI-analyzed exploit summary This PHP script exploits a stored XSS vulnerability in Woltlab Burning Board by sending a crafted registration request with malicious JavaScript payloads in the 'r_dateformat' parameter. The payload executes arbitrary script code in the context of a user's browser when the profile is viewed.
Description
Woltlab Burning Board 2.3.x - 'register.php' Cross-Site Scripting
Exploits (1)
This PHP script exploits a stored XSS vulnerability in Woltlab Burning Board by sending a crafted registration request with malicious JavaScript payloads in the 'r_dateformat' parameter. The payload executes arbitrary script code in the context of a user's browser when the profile is viewed.