Vulnerabilities > CVE-2005-0785 - Remote UsersRecentPosts Cross-Site Scripting vulnerability in Yabb 2.0Rc1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Nessus
| NASL family | CGI abuses : XSS |
| NASL id | YABB_USERSRECENTPOSTS_XSS.NASL |
| description | The installed version of YaBB (Yet Another Bulletin Board) on the remote host suffers from a remote cross-site scripting flaw due to its failure to properly sanitize input passed via the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 17305 |
| published | 2005-03-10 |
| reporter | This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/17305 |
| title | YaBB YaBB.pl usersrecentposts Action username Parameter XSS |