[33419] in bugtraq
Re: Fw: phpBB privmsg.php XSS vulnerability patch.
daemon@ATHENA.MIT.EDU (Truthless)
Wed Feb 4 14:34:25 2004
Date: Wed, 04 Feb 2004 01:23:43 +0000
From: Truthless <nospam@spamcop.org>
In-reply-to: <40185E71.8060009@michealcottingham.com>
To: Micheal Cottingham <micheal@michealcottingham.com>
Cc: bugtraq@securityfocus.com
Message-id: <4020499F.7070709@spamcop.org>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
This is a previously published Vulnerability and not something that is
yet to be reported.
Shaun was referring to the patch itself.
Truthless.
--
Micheal Cottingham wrote:
>
> If you think you have found a security hole with phpBB, contact the
> security email address ... I assure you they won't bite your head off
> for notifying them, even if it turns out to be a false alarm.
>
> International Veneer Co., Inc. wrote:
>
>> ----- Original Message ----- From: "Shaun Colley" <shaunige@yahoo.co.uk>
>> To: <bugtraq@securityfocus.com>
>> Sent: Wednesday, January 28, 2004 10:39 AM
>> Subject: phpBB privmsg.php XSS vulnerability patch.
>>
>>
>> For those who have not yet installed the phpBB
>> packages fixing the XSS vulnerability in privmsg.php
>> documented at <http://www.securityfocus.com/bid/9290>
>> <snip>
>>
>>
>> Thank you for your time.
>> Shaun.
>
>
>
