CVE-2009-3649 Information

Description

Cross-site scripting (XSS) vulnerability in forums/index.php in Power Bulletin Board (PBBoard) 2.0.2 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter in a new_topic action.

Reference

http://www.sec-area.com/?p=14123more-141&gtlang=en http://www.securityfocus.com/archive/1/506992/100/0/threaded