VULHUB ™

It has been reported that phpBB may be prone to a cross-site scripting vulnerability that may allow an attacker to execute arbitrary HTML or script code in a user's browser. The issue exists due to insufficient sanitization of user-supplied input via the 'avatarselect' form parameter of 'profile.php' script. phpBB 2.0.6d has been reported to be prone to this issue, however, other versions could be affected as well.

It has been reported that phpBB may be prone to a cross-site scripting vulnerability that may allow an attacker to execute arbitrary HTML or script code in a user's browser. The issue exists due to insufficient sanitization of user-supplied input via the 'avatarselect' form parameter of 'profile.php' script. phpBB 2.0.6d has been reported to be prone to this issue, however, other versions could be affected as well.