Description
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
Remediation
References
Related Vulnerabilities
WordPress Plugin Activity Log Cross-Site Scripting (2.3.1)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.13)
WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)