Phorum Cross-Site Scripting Vulnerability

Phorum Cross-Site Scripting Vulnerability

Phorum is a PHP based web forums package.

A cross site scripting vulnerability exists in specific versions of Phorum. By constructing a URL to a vulnerable site, an attacker may insert script commands into the displayed page. If a user of the Phorum system follows such a link, the script will execute in the context of the Phorum page. This may lead to the compromise of that user's Phorum account, through the theft of cookie data.