Description
Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forums before 2.0.17 allows remote attackers to inject arbitrary web script or HTML via the Target parameter in a /entry/signin action.
Remediation
References
Related Vulnerabilities
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
MediaWiki Missing Authorization Vulnerability (CVE-2019-12469)
WordPress Plugin WPS Hide Login Multiple Security Bypass Vulnerabilities (1.5.2.2)
WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)