Description
Vanilla before 2.6.1 allows XSS via the email field of a profile.
Remediation
References
Related Vulnerabilities
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)
TYPO3 Improper Input Validation Vulnerability (CVE-2010-4068)
PHP NULL Pointer Dereference Vulnerability (CVE-2016-9934)
WordPress Plugin Contact Form Manager Multiple Vulnerabilities (1.4.4)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1455)