Bugtraq mailing list archives
Re: XSS vulnerability in phpBB (an other ;-)
From: Michael Renzmann <security () dylanic de>
Date: Tue, 09 Sep 2003 18:39:21 +0200
Hi. John Smith wrote:
[url=http://www.izhal.com" onclick=alert("bug");"]test[/url]
Checked that variant with phpBB 2.0.1 again, and it didn't work as well. Seems as this version is not vulnerable.
Bye, Mike
Current thread:
- XSS vulnerability in phpBB (an other ;-) keupon_ps2 (Sep 08)
- Re: XSS vulnerability in phpBB (an other ;-) Victor Sheldeshov (Sep 09)
- <Possible follow-ups>
- Re: XSS vulnerability in phpBB (an other ;-) John Smith (Sep 09)
- Re: XSS vulnerability in phpBB (an other ;-) Michael Renzmann (Sep 09)
- Re: XSS vulnerability in phpBB (an other ;-) omere (Sep 09)
- Re: XSS vulnerability in phpBB (an other ;-) keupon_ps2 (Sep 09)
- Re: XSS vulnerability in phpBB (an other ;-) Everett Feldt (Sep 10)
- Re: XSS vulnerability in phpBB (an other ;-) Steven M. Christey (Sep 10)