Zeroforum is vuln to this as well. Notified a few weeks ago and heard nothing back. >>After a similar bug was discovered in phpBB 1.4.2, the authors fixed the >>bug >>with which JavaScript could inserted by using an [IMG] tag like: >> >>[img]javascript:alert('bla')[/img]
This archive was generated by hypermail 2b30 : Fri Mar 29 2002 - 12:45:47 PST