Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpBB 跨站脚本攻击漏洞
Vulnerability Description
phpBB 2.0.13版本的usercp_register.php中存在跨站脚本攻击(XSS)漏洞,允许远程攻击者通过设置(1)allowhtml,(2)allowbbcode或(3)allowsmilies参数以将HTML注入到个人信息签名中来注入任意Web脚本或HTML,此情况可能会在privmsg.php或viewtopic.php处理参数时发生。
CVSS Information
N/A
Vulnerability Type
N/A