Bugtraq mailing list archives
Re:[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability
From: altomo <altomo () digitalgangsters net>
Date: Thu, 28 Mar 2002 21:51:44 -0600 (CST)
Zeroforum is vuln to this as well. Notified a few weeks ago and heard nothing back.
After a similar bug was discovered in phpBB 1.4.2, the authors fixed the bug with which JavaScript could inserted by using an [IMG] tag like: [img]javascript:alert('bla')[/img]
Current thread:
- [Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability Florian Hobelsberger / BlueScreen (Mar 27)
- <Possible follow-ups>
- Re:[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability altomo (Mar 29)