Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.
References 3 Total
- archives.neohapsis.com: 20021018 vBulletin XSS Security Bug mailing-list
- securityfocus.com: 5997 vdb-entry
- iss.net: vBulletin-usercp-xss(10407) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- archives.neohapsis.com: 20021018 vBulletin XSS Security Bug mailing-listx_transferred
- securityfocus.com: 5997 vdb-entryx_transferred
- iss.net: vBulletin-usercp-xss(10407) vdb-entryx_transferred