oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: [oss-security] CVE request: phpbb before 3.0.8

[oss-security] CVE request: phpbb before 3.0.8

From: Hanno Böck <hanno_at_nospam>
Date: Mon Feb 07 2011 - 12:12:26 GMT
To: oss-security@lists.openwall.com

http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v307-PL1

[PHPBB3-9903] - Execute javascript in [flash=] BBCode

Seems to be XSS. Please assign CVE.

-- Hanno Böck mail/jabber: hanno@hboeck.de GPG: BBB51E42 http://www.hboeck.de/