Home / os / solaris

vbul365-rssxss.txt

Posted on 06 March 2007

vBulletin® v3.6.5 has an xss vuln in admincp/index.php in rss feed . exactlly in add rss url by adding : "><script>alert(document.cookie);</script> a cool messege box appear with cookies ;) earlier versions affected also . ----------------------------------------------------------------------------- Discovered by meto5757 -----------------------------------------------------------------------------

 

TOP