Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.
References
Configurations
Information
Published : 2005-05-01 21:00
Updated : 2008-09-05 13:46
NVD link : CVE-2005-0673
Mitre link : CVE-2005-0673
JSON object : View
CWE
Products Affected
phpbb_group
- phpbb