CVE-2006-2143 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as \onmouseover\ in the (1) color (2) size or (3) url bbcode tags.

Reference

http://secunia.com/advisories/19883 http://securityreason.com/securityalert/828 http://securitytracker.com/id?1016013 http://www.osvdb.org/25123 http://www.securityfocus.com/archive/1/432461/100/0/threaded http://www.securityfocus.com/bid/17750 https://exchange.xforce.ibmcloud.com/vulnerabilities/26129 Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as \onmouseover
in the (1) color (2) size or (3) url bbcode tags.