Description
Vanilla before 2.6.1 allows XSS via the email field of a profile.
Remediation
References
Related Vulnerabilities
Squid Integer Overflow or Wraparound Vulnerability (CVE-2021-31807)
PHP Resource Management Errors Vulnerability (CVE-2015-4024)
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability (CVE-2020-35163)
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)