Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/8884http://www.securityfocus.com/bid/4561http://www.iss.net/security_center/static/8881.phphttp://www.securityfocus.com/bid/4559http://online.securityfocus.com/archive/1/267936
