Phorum · Phorum · CVE-2003-0283
Name of the Vulnerable Software and Affected Versions:
Phorum versions prior to 3.4.3
Description:
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the subject, author's name, or author's e-mail.
Recommendations:
For versions prior to 3.4.3, update to version 3.4.3 or later to resolve the issue.