Gentoo Security Advisory GLSA 200505-10 (phpBB) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200505-10.

Solution

All phpBB users should upgrade to the latest version: emerge --sync emerge --ask --oneshot --verbose '>=www-apps/phpBB-2.0.15' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200505-10 http://bugs.gentoo.org/show_bug.cgi?id=90213 http://www.securityfocus.com/bid/13344/info/ http://securitytracker.com/id?1013918

Insight

phpBB is vulnerable to a cross-site scripting attack that could allow arbitrary scripting code execution.

Severity

Classification

CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200403-06 (Courier)
Gentoo Security Advisory GLSA 200406-18 (gzip)
Gentoo Security Advisory GLSA 200407-01 (esearch)
Gentoo Security Advisory GLSA 200405-24 (mplayer)
Gentoo Security Advisory GLSA 200408-04 (PuTTY)

Take action and discover your vulnerabilities