source: http:
//www.securityfocus.com/bid/6246/info
Due to insufficient sanitization of user supplied values, it is possible to exploit a vulnerability in VBulletin. By passing an invalid value to a variable located in 'members2.php' , it is possible to generate an error page which will include attacker-supplied HTML code which will be executed in a legitimate users browser.
|
0 nhận xét:
Post a Comment