Summary
Woltlab Burning Board is prone to multiple input-validation vulnerabilities, including:
- Multiple security vulnerabilities that may allow attackers to delete private messages
- A cross-site scripting vulnerability
- Multiple URI redirection vulnerabilities
Attackers can exploit these issues to delete private messages, execute arbitrary script code, steal cookie-based authentication credentials and redirect users to malicious sites.
Vulnerable:
Woltlab Burning Board 3.0.5
Woltlab Burning Board 3.0.3 PL 1
Woltlab Burning Board 3.0
References
Updated on 2015-03-25
Severity
Classification
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
- /doc directory browsable ?
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability