AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2008-2965: Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers t

infovulnerability

security

Source: NVD/CVE DatabaseJuly 2, 2008CVE-2008-2965

Summary

CVE-2008-2965 is a cross-site scripting (XSS, a type of attack where an attacker injects malicious code into a webpage that runs in other users' browsers) vulnerability in JaxUltraBB (JUBB) version 2.0 and earlier. The flaw exists in the viewforum.php file and allows attackers to inject arbitrary web script or HTML through the forum parameter.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 3.1%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2008-2965

First tracked: February 15, 2026 at 08:42 PM

Classified by LLM (prompt v3) · confidence: 95%