CVE-2005-1290

2005-05-02T04:00:00
ID CVE-2005-1290
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:18:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters to admin_forums.php.