source: http:
//www.securityfocus.com/bid/6226/info
vBulletin does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks. |
As a result, it is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user, in the context of the website running vBulletin.
|
0 nhận xét:
Post a Comment