Cross-Site Scripting Vulnerability in phpBB 2.0.x
CVE-2006-6421

Currently unrated

Key Information:

Vendor

PHPbb Group

Status
PHPbb
Vendor
CVE Published:
10 December 2006

What is CVE-2006-6421?

The cross-site scripting vulnerability in phpBB 2.0.x affects the private message box (privmsg.php), allowing malicious authenticated users to inject arbitrary web scripts or HTML. This vulnerability arises when users send messages to non-existent recipients, enabling the potential for exploitative actions, including the theft of session cookies or redirecting users to malicious sites.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30776
vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/456579/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.