CVE-2002-2021 in Burning Board

Summary

by MITRE

Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter.


Analysis

by VulDB Data Team • 08/30/2025

The vulnerability identified as CVE-2002-2021 represents a classic cross-site scripting flaw within the WoltLab Burning Board forum software version 1.1.1. This security weakness enables malicious actors to execute arbitrary web scripts or HTML code within the context of other users' browsers who visit affected pages. The vulnerability specifically manifests through the message parameter, which serves as an entry point for attackers to inject malicious content into forum discussions and posts. The flaw resides in the application's insufficient input validation and output sanitization mechanisms, allowing unfiltered user-supplied data to be directly rendered without proper encoding or filtering.

This XSS vulnerability falls under the Common Weakness Enumeration classification CWE-79, "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')". The attack vector enables arbitrary script execution within the browsers of users who view the affected page, potentially leading to session hijacking, credential theft, or redirection to malicious websites. The vulnerability affects the core functionality of the forum software where user-generated content is displayed, making it particularly dangerous because legitimate users may unknowingly execute malicious scripts simply by viewing affected posts or messages. The flaw demonstrates a critical failure in the application's security architecture, specifically in how it processes and renders user input.

The operational impact of this vulnerability extends beyond simple script injection, potentially allowing attackers to compromise entire user sessions through session cookie theft or to perform actions on behalf of authenticated users. Users who visit affected forum pages become unwitting participants in the attack, as their browsers execute the injected malicious code without their knowledge. The vulnerability affects the integrity and confidentiality of user data, as attackers can access sensitive information, modify content, or redirect users to phishing sites. This type of vulnerability undermines the trust users place in the forum platform and can result in significant reputational damage to the organization operating the software.

Mitigation strategies for CVE-2002-2021 should focus on implementing robust input validation and output encoding mechanisms throughout the application. The most effective approach is to encode all user-supplied input, particularly the message parameter, before rendering it on web pages. This includes applying proper HTML encoding to special characters, using a content security policy to restrict script execution, and employing regular expression validation to reject known malicious patterns. Additionally, the software should implement proper session management controls and apply the principle of least privilege to user interactions. Organizations should also apply the patch or upgrade to a newer version of WoltLab Burning Board that addresses this vulnerability, as the original version 1.1.1 is no longer supported and lacks modern security features. The vulnerability aligns with ATT&CK technique T1566.001 for initial access through malicious web content, highlighting the importance of web application security controls and input validation in preventing such attacks.
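As an added illustration of the output-encoding mitigation described above (example code written for this entry, not code from VulDB or from WoltLab Burning Board), the following Python renders a forum message first the way the flaw is described, with the message parameter concatenated straight into the markup, and then in a hardened form that HTML-encodes the value and ships a Content-Security-Policy header as defense in depth. The template string, the sample messages and the header values are constructed assumptions; the real Burning Board templates are not shown on this page.

```python
"""
Vulnerable vs. hardened rendering of a user-supplied "message" parameter.
Everything here is constructed for illustration (template, samples, headers);
it is not the Burning Board code base.
"""
import html
import re

# Constructed sample inputs. The markup-bearing ones are harmless markers whose
# only purpose is to show whether encoding took place.
SAMPLE_MESSAGES = [
    "Hello forum, this is a normal post.",
    "<script>alert(1)</script>",
    '<img src=x onerror="alert(1)">',
    "Tom & Jerry <3 5 > 3",          # not a tag: encoding must still keep it readable
]

# Assumed post template; "{body}" is where the message parameter is rendered.
POST_TEMPLATE = '<div class="post"><p class="body">{body}</p></div>'


def render_vulnerable(message: str) -> str:
    """The CWE-79 pattern: user input placed into HTML with no encoding."""
    return POST_TEMPLATE.format(body=message)


def render_hardened(message: str) -> str:
    """Hardened pattern: HTML-encode every character that carries meaning in an
    HTML text context (& < >) plus quotes, so the value can never open a tag."""
    return POST_TEMPLATE.format(body=html.escape(message, quote=True))


def security_headers() -> dict:
    """Defense in depth: a CSP that forbids inline script, so an encoding slip
    elsewhere does not become script execution in a CSP-aware browser.
    (Policy values are an assumption chosen for this example.)"""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
        "X-Content-Type-Options": "nosniff",
    }


# Detection helper: does the rendered body contain an HTML tag that came from
# the user? Only the injected part between the template's fixed prefix/suffix is examined.
_TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")


def contains_injected_markup(rendered: str) -> bool:
    prefix, suffix = POST_TEMPLATE.split("{body}")
    if not (rendered.startswith(prefix) and rendered.endswith(suffix)):
        raise ValueError("rendered HTML does not match the template")
    body = rendered[len(prefix):len(rendered) - len(suffix)]
    return _TAG_RE.search(body) is not None


def audit(messages=SAMPLE_MESSAGES) -> tuple:
    """Return (vulnerable_hits, hardened_hits): the number of sample messages
    that yield user-originated markup under each renderer."""
    vuln = sum(contains_injected_markup(render_vulnerable(m)) for m in messages)
    hard = sum(contains_injected_markup(render_hardened(m)) for m in messages)
    return vuln, hard


if __name__ == "__main__":
    for m in SAMPLE_MESSAGES:
        print("VULNERABLE:", render_vulnerable(m))
        print("HARDENED:  ", render_hardened(m))
    print("injected-markup hits (vulnerable, hardened):", audit())
    print("headers:", security_headers())
```

Running the block shows two of the four sample messages producing live tags under the vulnerable renderer and none under the hardened one, while the ampersand and comparison signs in the fourth message survive as readable text. The tag regex is a check used here to audit output, not a filter: context-aware output encoding is the control, and the CSP header limits the damage if it is ever bypassed.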

Reservation

07/14/2005

Disclosure

12/31/2002

Moderation

accepted

Entry

VDB-19663

CPE

ready

Exploit

Download

EPSS

0.01717

KEV

no

Activities

very low

Sources
