Wang

**Name of the Vulnerable Software and Affected Versions** phpBB versions 2.0.8a and earlier **Description** The issue allows remote attackers to spoof IP addresses by trusting the IP address in the X-Forwarded-For HTTP header. **Recommendations** For phpBB versions 2.0.8a and earlier, consider validating the IP address through alternative means to prevent spoofing, such as not relying solely on the X-Forwarded-For header.