Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter.
Software | From | Fixed in |
---|---|---|
phpbb_group / phpbb | 2.0 | 2.0.x |
phpbb_group / phpbb | 2.0_rc4 | 2.0_rc4.x |
phpbb_group / phpbb | 2.0.1 | 2.0.1.x |
phpbb_group / phpbb | 2.0.2 | 2.0.2.x |
phpbb_group / phpbb | 2.0.3 | 2.0.3.x |
phpbb_group / phpbb | 2.0.4 | 2.0.4.x |
phpbb_group / phpbb | 2.0.5 | 2.0.5.x |
phpbb_group / phpbb | 2.0.6 | 2.0.6.x |
phpbb_group / phpbb | 2.0.6c | 2.0.6c.x |