CVE-2002-2340 Information

Description

Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response.

Reference

http://marc.info/?l=vuln-dev&m=102121925428844&w=2 http://www.ifrance.com/kitetoua/tuto/5holes5.txt http://www.phorum.org/changelog.txt http://www.securityfocus.com/bid/4739