Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote malicious users to execute Javascript as other phpBB users by including a and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpbb group phpbb 2.0_rc1 |
||
phpbb group phpbb 2.0_rc3 |
||
phpbb group phpbb 2.0.0 |
||
phpbb group phpbb 2.0_beta1 |
||
phpbb group phpbb 2.0_rc2 |
||
phpbb group phpbb 2.0_rc4 |