2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227...
CVE-2006-2227
CVE-2006-2227 describes a cross-site scripting (XSS) vulnerability in PunBB 1.2.11, specifically in misc.php where an attacker can inject arbitrary script or HTML via the req_message parameter because the redirect_url value is not sanitized. The description does not provide exploit details, affec...