Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.03062Percentile:
0.86166
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Affected Products
cpe:2.3:a:infopop:ultimate_bulletin_board:5.4.7e:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.4f:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.0beta:*:*:*:*:*:*:*
cpe:2.3:a:infopop:ultimate_bulletin_board:6.2.0_beta_release_1.0:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me