Description
Cross-site scripting (XSS) vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component, a different vulnerability than CVE-2011-0526.
Remediation
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)
WordPress Plugin AnnounceME Cross-Site Scripting (0.3.3)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3388)
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)
WordPress Plugin Contact Form Submissions SQL Injection (1.6.4)