phpBB2 2.0.22 Cross Site Scripting Vulnerability

2008-01-03T00:00:00
ID SECURITYVULNS:DOC:18785
Type securityvulns
Reporter Securityvulns
Modified 2008-01-03T00:00:00

Description

Opencosmo Security http://www.opencosmo.com

Author: Alfredo Panzera, Opencosmo Security Vendor: phpBB.com Version: 2.0.22

Exploit: Go to http://[website]/forum/admin/admin_groups.php and into 'Group description:' insert your XSS.