CVE Vulnerabilities

CVE-2005-4357

Published: Dec 20, 2005 | Modified: Oct 19, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when Allowed HTML tags is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with (quote) characters and active attributes such as onmouseover.

Affected Software

Name Vendor Start Version End Version
Phpbb Phpbb_group 2.0.18 2.0.18
Phpbb2 Ubuntu dapper *
Phpbb2 Ubuntu edgy *
Phpbb2 Ubuntu feisty *
Phpbb2 Ubuntu gutsy *
Phpbb2 Ubuntu hardy *
Phpbb2 Ubuntu intrepid *

References