Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote malicious users to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpbb group phpbb 2.0.13 |