Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

phpBB <= 2.0.18 Multiple Cross-Site Scripting Flaws Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple cross-site scripting flaws in phpBB <= 2.0.18

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that is affected by
several flaws.

Description :

According to its version number, the remote version of this software
is vulnerable to Javascript injection issues using 'url' bbcode tags
and, if HTML tags are enabled, HTML more generally. This may allow an
attacker to inject hostile Javascript into the forum system, to steal
cookie credentials or misrepresent site content. When the form is
submitted the malicious Javascript will be incorporated into
dynamically generated content.

See also :

Solution :

Upgrade to phpBB version 2.0.19 or later.

Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.