Published:2005/12/27  Last Updated:2008/05/21

JVN#93004125
BBSNote cross-site scripting vulnerability

Overview

BBSNote, CGI bulletin board script, contains a cross-site scripting vulnerability due to improper handling of CGI arguments.

Products Affected

  • BBSNote V8.00b15 to V8.00b18

Description

Impact

A malicious script may be executed on the user's web browser.

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
WonderCatStudio Vulnerable 2005/12/27

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2005-000802

Update History