<<< Date Index >>>     <<< Thread Index >>>

Re: phpBB (privmsg.php) XSS Exploit



Hello,

This particular exploit was fixed in 2.0.22, which was released on the 23rd 
December 2006.

The correct fix for this issue is contained in that release, and it is 
recommended that people update to 2.0.22.

NeoThermic
phpBB Support Team, Audit Team and Incident Investigation Team Leader.