icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

phpBB < 2.0.22 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

According to its banner, the remote host is running a version of phpBB that fails to sanitize user-supplied input. The details of several of these flaws is unknown; however, it is known that one of the vulnerabilities is an HTML injection flaw. This can enable an attacker to cause arbitrary HTML and script code to be executed in a user's browser within the context of the affected site.

Solution

Upgrade to version 2.0.22 or higher.