Package: phpbb2 Severity: important Tags: security Please have a look at: http://marc.theaimsgroup.com/?l=full-disclosure&m=113484567432679&w=2
The mentioned path disclosure is obviously not a problem, but does the described XSS issue have real-world security implications? Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-1-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]