PHPBB2 < 2.0.14 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 2820
SynopsisThe remote host is running phpBB2, a web-based bulletin board written in PHP.
DescriptionThe remote host is running phpBB2, a web-based bulletin board written in PHP. This version of phpBB2 is vulnerable to multiple Cross-Site Scripting (XSS) attacks. An attacker exploiting this flaw would need to be able to entice a user into browsing a malicious URI. Successful exploitation would lead to the attacker executing code within the client browser possibly resulting in the theft of confidential data.
SolutionUpgrade to version 2.0.14 or higher.