Phorum < 5.0.18 register.php XSS
Medium Nessus Network Monitor Plugin ID 3203
SynopsisThe remote host is vulnerable to a cross-site scripting (XSS) attack.
DescriptionThe remote version of Phorum contains a script called 'register.php' that is vulnerable to a cross-site scripting attack. An attacker may exploit this problem to steal the authentication credentials of third party users.
SolutionUpgrade to version 5.0.18 or higher.