← Back

CVE-2004-2402

nvd nist
Published: Dec 31, 2004Modified: Apr 16, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.

Affected (10)

Products: Yabb: Yabb
Yabb
1 product
Yabb
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Yabb
Yabb
Version 1.40
Yabb
Version 1.41
Yabb
Version 1_gold_-_sp_1.2
Yabb
Version 1_gold_-_sp_1.3.1
Yabb
Version 1_gold_-_sp_1.3.2
Yabb
Version 1_gold_-_sp_1.3
Yabb
Version 1_gold_-_sp_1
Yabb
Version 1_gold_release
Yabb
Version 2000-09-01
Yabb
Version 2000-09-11

References (10)

Source: cve@mitre.org
Exploit
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.