Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
source: wwwsecurityfocuscom/bid/12828/info
PunBB is reportedly affected by multiple HTML injection vulnerabilities
An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication credentials
PunBB 123 is reported vulnerable, h ...