|
Description
|
|
Two vulnerabilities were identified in phpBB, which could be exploited by malicious people to conduct cross site request forgery and cross site scripting attacks.
The first issue is due to input validation errors in the "admin/admin_smilies.php" script that fails to properly validate the "smile_url" and "smile_emotion" parameters, which could be exploited by malicious users to execute arbitrary scripting code.
The second flaw is due to a design error where the administrator's session ID is included in the "Referer" HTTP header when retrieving external avatar images referenced by a BBcode tag, which could be exploited by attackers to disclose sensitive information by convincing an administrator to view a specially crafted profile containing a malicious avatar.
|
