Description

Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.

Remediation

References

CVE-2002-2255

Related Vulnerabilities

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.4)

WebLogic CVE-2021-2142 Vulnerability (CVE-2021-2142)

WordPress Plugin WooCommerce Possible Remote Code Execution (3.4.5)

WordPress Plugin Crafty Social Buttons Cross-Site Scripting (1.5.6)

Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.13)

Severity

Medium

Classification

CVE-2002-2255 CWE-707

Tags

Missing Update Known Vulnerabilities