phpBB Nested url BBCode Tag XSS

2005-07-05T21:02:40
ID OSVDB:17888
Type osvdb
Reporter OSVDB
Modified 2005-07-05T21:02:40

Description

Solution Description

Upgrade to version 2.0.17 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Secunia Advisory ID:16232 Secunia Advisory ID:16149 Other Advisory URL: http://www.phpbb.com/phpBB/viewtopic.php?t=308490 Other Advisory URL: http://www.debian.org/security/2005/dsa-768 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0097.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0093.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0110.html CVE-2005-2161