CVE-2009-4894 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail.

Reference

http://punbb.informer.com/forums/topic/21669/punbb-134/