Description

Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.

Remediation

References

CVE-2002-2255

Related Vulnerabilities

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12528)

WordPress Plugin Listing, Classified Ads & Business Directory-uListing Arbitrary File Upload (1.2.1)

WordPress Plugin Nofollow Links Cross-Site Scripting (1.0.10)

WordPress Plugin VaultPress Remote Code Execution (1.9.0)

XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)

Severity

Medium

Classification

CVE-2002-2255 CWE-707

Tags

Missing Update Known Vulnerabilities