Description

Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.

Remediation

References

CVE-2002-2255

Related Vulnerabilities

WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Multiple Unspecified Vulnerabilities (1.06.08)

WordPress Plugin WooCommerce Information Disclosure (4.5.2)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29209)

Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.9)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)

Severity

Medium

Classification

CVE-2002-2255 CWE-707

Tags

Missing Update Known Vulnerabilities