This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200505-10
(phpBB: XSS Vulnerability)
phpBB is vulnerable to a cross-site scripting vulnerability due to
improper sanitization of user-supplied input. Coupled with poor
validation of BBCode URLs which may be included in a forum post, an
unsuspecting user may follow a posted link triggering the
Successful exploitation of the vulnerability could cause arbitrary
scripting code to be executed in the browser of a user.
There are no known workarounds at this time.
See also :
All phpBB users should upgrade to the latest version:
emerge --ask --oneshot --verbose '>=www-apps/phpBB-2.0.15'
Risk factor :
Family: Gentoo Local Security Checks
Nessus Plugin ID: 18269 (gentoo_GLSA-200505-10.nasl)
Bugtraq ID: 13344
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.