This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200505-10
(phpBB: XSS Vulnerability)
phpBB is vulnerable to a cross-site scripting vulnerability due to
improper sanitization of user-supplied input. Coupled with poor
validation of BBCode URLs which may be included in a forum post, an
unsuspecting user may follow a posted link triggering the
Successful exploitation of the vulnerability could cause arbitrary
scripting code to be executed in the browser of a user.
There are no known workarounds at this time.
See also :
All phpBB users should upgrade to the latest version:
emerge --ask --oneshot --verbose '>=www-apps/phpBB-2.0.15'
Risk factor :
Family: Gentoo Local Security Checks
Nessus Plugin ID: 18269 (gentoo_GLSA-200505-10.nasl)
Bugtraq ID: 13344