Description

Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.

Remediation

References

CVE-2002-2255

Related Vulnerabilities

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0783)

YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092)

WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Multiple SQL Injection Vulnerabilities (1.0.24)

Ruby Resource Management Errors Vulnerability (CVE-2008-4310)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)

Severity

Medium

Classification

CVE-2002-2255 CWE-707

Tags

Missing Update Known Vulnerabilities