PT-2006-1148 · Phpbb · Phpbb

Maksymilian Arciemowicz · Published 2006-01-05 · Updated 2011-03-07 · CVE-2006-0063

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: phpBB version 2.0.19
Description: A cross-site scripting (XSS) issue exists when the "Allowed HTML tags" option is enabled, allowing remote attackers to inject arbitrary web script or HTML via permitted HTML tags containing ' (single quote) characters and active attributes like onmouseover.
Recommendations: For phpBB version 2.0.19, disable the "Allowed HTML tags" option to prevent exploitation until a fix is available. As a temporary workaround, consider restricting the use of active attributes in permitted HTML tags.

Exploit

Fix

XSS

Related Identifiers

CVE-2006-0063

Affected Products

Phpbb