Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpBB < 2.0.17 Nested BBCode URL Tags XSS



The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.


According to its banner, the remote host is running a version of phpBB that fails to sanitize BBCode containing nested URL tags, which enables attackers to cause arbitrary HTML and script code to be executed in a user's browser within the context of the affected site.


Upgrade to version 2.0.17 or higher.