Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re:[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability
From: altomo <altomo () digitalgangsters net>
Date: Thu, 28 Mar 2002 21:51:44 -0600 (CST)

Zeroforum is vuln to this as well. Notified a few weeks ago and heard 
nothing back.

After a similar bug was discovered in phpBB 1.4.2, the authors fixed the 
bug
with which JavaScript could inserted by using an [IMG] tag like:

[img]javascript:alert('bla')[/img]




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault