Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 69.4%