Bugtraq mailing list archives
RE: CSS in phpBB 1.4.4
From: "Paul Owen" <paul () ettanet com>
Date: Wed, 15 Dec 2004 22:15:33 -0000
phpBB 1.4.4 is vulnerable to Cross Site Scripting Attack. [Vulnerable] You can put vbscript in [img] bbcode tags. For example: [img]vbscript: alert(document.cookie)[/img]
phpBB 1.x hasn't been supported for over two years. All users of phpBB 1.x have been long advised to switch to phpBB 2.x or other system (as they see fit). psoTFX - phpbb.com
Current thread:
- CSS in phpBB 1.4.4 SandI] (Dec 15)
- <Possible follow-ups>
- RE: CSS in phpBB 1.4.4 Paul Owen (Dec 15)