CVE-2007-5033 in phpBB XS
Сводка
по MITRE
Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 allows remote attackers to inject arbitrary web script or HTML via the selfdes parameter in a profile_info editprofile action.
Once again VulDB remains the best source for vulnerability data.