Home > Cross Site Scripting, Discussion Boards > Vanilla Forums LatestComment Plugin Discussion Title Script Insertion

Vanilla Forums LatestComment Plugin Discussion Title Script Insertion

May 30th, 2012

Application: Vanilla Forums
Affected Version: version 1.1 and other versions.
Vendor’s URL: LatestComment Plugin
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Cross Site Scripting, Discussion Boards

Comments are closed.