<<< Date Index >>>     <<< Thread Index >>>

Re: Fw: phpBB privmsg.php XSS vulnerability patch.



This is a previously published Vulnerability and not something that is yet to be reported.
Shaun was referring to the patch itself.

Truthless.

--

Micheal Cottingham wrote:


If you think you have found a security hole with phpBB, contact the security email address ... I assure you they won't bite your head off for notifying them, even if it turns out to be a false alarm.

International Veneer Co., Inc. wrote:

----- Original Message ----- From: "Shaun Colley" <shaunige@xxxxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Wednesday, January 28, 2004 10:39 AM
Subject: phpBB privmsg.php XSS vulnerability patch.


For those who have not yet installed the phpBB
packages fixing the XSS vulnerability in privmsg.php
documented at <http://www.securityfocus.com/bid/9290>
<snip>


Thank you for your time.
Shaun.