Void's Forums

Void Main's Beautiful Site
http://voidmain.is-a-geek.net/forums/

XSS discovered in phpBB 2.0.18 and prior!

http://voidmain.is-a-geek.net/forums/viewtopic.php?f=9&t=1699

Page 1 of 1

XSS discovered in phpBB 2.0.18 and prior!

PostPosted: Sun Jan 15, 2006 11:45 pm
by ZiaTioN
A XSS vulnerability has been discovered in phpBB 2.0.18. It was reported almost a month ago. The phpBB team has released version 2.0.19 in response to this vulnerability along with a path disclosure issue that existed in 2.0.18. I posted a lengthy example to the exploit here.

PostPosted: Mon Jan 16, 2006 8:36 am
by Void Main
Thanks for the heads up! To be clear, HTML must be enabled before the vulnerability can be exposed correct?

PostPosted: Mon Jan 16, 2006 12:38 pm
by ZiaTioN
Correct
All times are UTC - 6 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/