2003-05-14 04:00:00
mitre
PUBLISHED
Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) authors name, or (3) authors e-mail.