CVE-2008-5433 Information

Description

Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the password field.

Reference

http://punbb.informer.com/ http://punbb.informer.com/forums/topic/20475/punbb-132/ http://punbb.informer.com/wiki/punbb13/bugspossible_xss_in_login http://secunia.com/advisories/33059 http://www.openwall.com/lists/oss-security/2008/12/09/3