phpbb 2.0.x [xss]

vendor site:http://phpbb.com/ product:phpbb bug:xss risk:low A xss post has been discovered in phpbb ,the impact of this attack is very low ,because it's more a bug , than a vulnerability . An authentificated user can excute some html code in his private message box , by sending a message to an...

Xoops topics : One more time

Hi again, I just found an other Script injection issue in Xoops Private Message Box. http://xooped-site/pmlite.php?touserid=USERIDOFTARGET&msgid=&image=fo o.gif'scriptalert"test";/scriptimg20src='http://www.isecurelabs.com /images/barre.jpg&op=submit&theme=snow&subject=Are you sure...