PublicDate: 2005-12-20 01:03:00 UTC
Candidate: CVE-2005-4357
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4357
Description:
 Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed
 HTML tags" is enabled, allows remote attackers to inject arbitrary
 Javascript via a permitted HTML tag with " (quote) characters and active
 attributes such as onmouseover.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_phpbb2: ignored (reached end-of-life)
edgy_phpbb2: released (2.0.21-3)
feisty_phpbb2: released (2.0.21-3)
gutsy_phpbb2: released (2.0.21-3)
hardy_phpbb2: released (2.0.21-3)
intrepid_phpbb2: released (2.0.21-3)
jaunty_phpbb2: DNE
karmic_phpbb2: DNE
devel_phpbb2: DNE
upstream_phpbb2: needs-triage