GLSA-201701-25 : phpBB: Multiple vulnerabilities
Medium Nessus Plugin ID 96419
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201701-25 (phpBB: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in phpBB. Please review the CVE identifiers referenced below for details.
A remote attacker may be able to change settings, inject arbitrary web script or HTML, or conduct cross-site request forgery (CSRF) attacks.
There is no known workaround at this time.
SolutionGentoo Security support has been discontinued due to phpBB being dropped to unstable. As such, we recommend that users unmerge phpBB:
# emerge --unmerge 'www-apps/phpBB' NOTE: Users could alternatively upgrade to “>=www-apps/phpBB-3.1.10”, however, these packages are not currently marked stable.