|
Family: CGI abuses : XSS --> Category: infos
Phorum register.php Cross-Site Scripting Vulnerability Scan
Vulnerability Scan Summary Checks for cross-site scripting vulnerability in Phorum's register.php
Detailed Explanation for this Vulnerability Test
The remote version of Phorum contains a script called 'register.php'
which is vulnerable to a cross-site scripting attack. A possible hacker may
exploit this problem to steal the authentication credentials of third
party users.
See also : http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0018.html
Solution : Upgrade to Phorum 5.0.18 or later.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|