Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200505-10] phpBB: Cross-Site Scripting Vulnerability


Vulnerability Assessment Details

[GLSA-200505-10] phpBB: Cross-Site Scripting Vulnerability

Vulnerability Assessment Summary
phpBB: Cross-Site Scripting Vulnerability

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200505-10
(phpBB: Cross-Site Scripting Vulnerability)


phpBB is vulnerable to a cross-site scripting vulnerability due to
improper sanitization of user supplied input. Coupled with poor
validation of BBCode URLs which may be included in a forum post, an
unsuspecting user may follow a posted link triggering the
vulnerability.

Impact

Successful exploitation of the vulnerability could cause arbitrary
scripting code to be executed in the browser of a user.

Workaround

There are no known workarounds at this time.

References:
http://www.securityfocus.com/bid/13344/info/
http://securitytracker.com/id?1013918


Solution:
All phpBB users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=www-apps/phpBB-2.0.15"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2005 Michel Arboi

Cables, Connectors


Certified Refurbished 5TB WD Elements Portable Hard Drive - RWDBU6Y0050BBK-WESN picture

Certified Refurbished 5TB WD Elements Portable Hard Drive - RWDBU6Y0050BBK-WESN

$99.99



HITACHI HUS724040ALA640 4TB 7200RPM 64MB SATA 6.0Gb/s 3.5

HITACHI HUS724040ALA640 4TB 7200RPM 64MB SATA 6.0Gb/s 3.5" HARD DRIVE ZERO HOURS

$59.99



Certified Refurbished 2TB WD Elements Portable Hard Drive - RWDBU6Y0020BBK-WESN picture

Certified Refurbished 2TB WD Elements Portable Hard Drive - RWDBU6Y0020BBK-WESN

$49.99



12TB 7200RPM 256MB Cache SATA 6.0Gb/s 3.5

12TB 7200RPM 256MB Cache SATA 6.0Gb/s 3.5" Internal NAS Hard Drive -

$85.00



HGST Ultrastar DC HC520 12TB SATA 6Gb 256MB 3.5

HGST Ultrastar DC HC520 12TB SATA 6Gb 256MB 3.5" Enterprise HDD- HUH721212ALE601

$89.99



WD Ultrastar DC HC530 14TB SATA 6G 3.5

WD Ultrastar DC HC530 14TB SATA 6G 3.5" 7200RPM Enterprise HDD - WUH721414ALE604

$119.99



Hitachi HUS723030ALS640 3TB 3.5

Hitachi HUS723030ALS640 3TB 3.5" 64MB 7.2K RPM SAS Drive P/N:0B26328 Tested

$13.99



HITACHI HGST HTS721010A9E630 1TB 2.5

HITACHI HGST HTS721010A9E630 1TB 2.5" SATA3 7200RPM Hard Drive - B GRADE TESTED

$14.95



SEAGATE ST6000NM0034 6TB 7.2K SAS 3.5

SEAGATE ST6000NM0034 6TB 7.2K SAS 3.5" HDD HARD DRIVE

$64.00



1TB HDD/SSD 2.5

1TB HDD/SSD 2.5" SATA Hard Drive for Laptop with Win 10/Win 11 Pro Pre-installed

$20.49



Discussions

No Discussions have been posted on this vulnerability.