| Title | Gnuboard https://github.com/gnuboard/g6 version 6.x Stored XSS |
|---|
| Description | This stored XSS vulnerability was discovered in the latest version of GnuBoard6. When registered users bookmark and reply to any post on the message board, user input is not properly sanitized, and the reply content is not encoded when displayed. This allows attackers to inject arbitrary JavaScript code, targeting all users who can access the post. Attackers can exploit this vulnerability to steal user cookies, launch phishing attacks, and other malicious activities. |
|---|
| Source | ⚠️ https://github.com/gnuboard/g6/issues/645 |
|---|
| User | ZAST.AI (UID 87884) |
|---|
| Submission | 07/14/2025 11:55 (9 months ago) |
|---|
| Moderation | 07/18/2025 09:24 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316847 [Gnuboard g6 up to 6.0.10 Post Reply qa cross site scripting] |
|---|
| Points | 20 |
|---|