Starext

**Name of the Vulnerable Software and Affected Versions** PhpBB Toplist version 1.3.7 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary HTML or web script via the `Name` and `Information` fields when adding a new site using the toplistnew action. **Recommendations** For PhpBB Toplist version 1.3.7, as a temporary workaround, consider restricting user input in the `Name` and `Information` fields to minimize the risk of exploitation. Avoid using these fields until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.