Void's Forums

Void Main's Beautiful Site

Skip to content

XSS discovered in phpBB 2.0.18 and prior!

Place to discuss anything, almost. No politics, religion, Microsoft, or anything else that I (the nazi censor) deem inappropriate.
Post a reply

XSS discovered in phpBB 2.0.18 and prior!

Postby ZiaTioN » Sun Jan 15, 2006 11:45 pm

A XSS vulnerability has been discovered in phpBB 2.0.18. It was reported almost a month ago. The phpBB team has released version 2.0.19 in response to this vulnerability along with a path disclosure issue that existed in 2.0.18. I posted a lengthy example to the exploit here.
ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm
Top

Postby Void Main » Mon Jan 16, 2006 8:36 am

Thanks for the heads up! To be clear, HTML must be enabled before the vulnerability can be exposed correct?
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Top

Postby ZiaTioN » Mon Jan 16, 2006 12:38 pm

Correct
ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm
Top
Post a reply

Return to The Lounge

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group
cron