Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpbb | Phpbb_group | 2.0.6 (including) | 2.0.6 (including) |