Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the password field.Referenceshttp://www.openwall.com/lists/oss-security/2008/12/09/3http://punbb.informer.com/forums/topic/20475/punbb-132/http://punbb.informer.com/http://secunia.com/advisories/33059http://punbb.informer.com/wiki/punbb13/bugs#possible_xss_in_login
