Phorum 3.4 Email Subject Line Script Injection Vulnerability

2003-04-02T00:00:00
ID EDB-ID:22451
Type exploitdb
Reporter peter
Modified 2003-04-02T00:00:00

Description

Phorum 3.4 Email Subject Line Script Injection Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/7262/info

It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line (or other fields) before sending an email to the target victim. 

"><script>alert("Vulnerable");</script>