Bugtraq mailing list archives

Re: phpBB (privmsg.php) XSS Exploit

From: neothermic () phpbb com
Date: Fri, 12 Jan 2007 15:42:03 -0800



Hello,

This particular exploit was fixed in 2.0.22, which was released on the 23rd December 2006.

The correct fix for this issue is contained in that release, and it is recommended that people update to 2.0.22.

NeoThermic
phpBB Support Team, Audit Team and Incident Investigation Team Leader.

Current thread:

phpBB (privmsg.php) XSS Exploit info (Jan 11)
- <Possible follow-ups>
- Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 12)
- Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 13)