VULHUB ™

An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by including code in message fields before sending a message to the target victim. This issue is a variant of the vulnerability described in BID 7262 that also affects Phorum 3.4.2.

An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by including code in message fields before sending a message to the target victim. This issue is a variant of the vulnerability described in BID 7262 that also affects Phorum 3.4.2.