CVE-2006-6421

Name of the Vulnerable Software and Affected Versions phpBB versions 2.0.x

Description The issue concerns a cross-site scripting (XSS) vulnerability in the private message box implementation. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML via the message body field in a message to a non-existent user. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For phpBB versions 2.0.x, update to a version that fixes this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.