Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote malicious users to inject arbitrary HTML or web script via the (1) Name and (2) Information fields when adding a new site (toplistnew action).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpbb toplist 1.3.7 |