Summary
The remote web server contains a PHP application that is affected by a cross-site scripting vulnerability.
Description :
The remote version of PunBB is vulnerable to cross-site scripting flaws because the application does not validate IMG tag. With a specially crafted URL, an attacker can cause arbitrary code execution within a user's browser, resulting in a loss of integrity.
Solution
Update to PunBB version 1.0.1 or later.
References
Updated on 2015-03-25