Description
Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum.
Remediation
References
Related Vulnerabilities
Dot CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3688)
WordPress Plugin Bliss Gallery 'upload.php' Arbitrary File Upload (2.1)
Moodle Resource Management Errors Vulnerability (CVE-2015-2268)
WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.1)