Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.Referenceshttp://secunia.com/advisories/33329https://www.exploit-db.com/exploits/7607http://osvdb.org/51011https://exchange.xforce.ibmcloud.com/vulnerabilities/47607http://www.securityfocus.com/bid/33029
