CVE-2006-1089

Name of the Vulnerable Software and Affected Versions PunBB version 1.2.10

Description A cross-site scripting (XSS) issue exists due to improper handling of the URL when the PHP SELF variable is used to handle a pun page tag, allowing remote attackers to inject arbitrary web script or HTML.

Recommendations For PunBB version 1.2.10, consider updating to a newer version that addresses this issue, or as a temporary workaround, restrict access to the header.php file to minimize the risk of exploitation.