This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
A remote CGI is vulnerable to cross-site scripting.
The remote version of Phorum contains a script called 'register.php'
which is vulnerable to a cross-site scripting attack. An attacker may
exploit this problem to steal the authentication credentials of third
See also :
Upgrade to Phorum 5.0.18 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true