CVE-2005-0673

2005-05-02T04:00:00
ID CVE-2005-0673
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:46:00

Description

Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.