Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.Referenceshttp://marc.info/?l=bugtraq&m=109034476122723&w=2http://www.securityfocus.com/bid/10753https://exchange.xforce.ibmcloud.com/vulnerabilities/16758http://secunia.com/advisories/12114
