Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as variables.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-01T21:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-11-01T00:00:00
Link: CVE-2005-3418
JSON object: View
NVD Information
Status : Modified
Published: 2005-11-01T21:02:00.000
Modified: 2016-10-18T03:35:25.493
Link: CVE-2005-3418
JSON object: View
Redhat Information
No data.
CWE