Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendors patch.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phorum | Phorum | 5.0.11 (including) | 5.0.11 (including) |