CVE-2012-6668

2018-01-11T20:29:00
ID CVE-2012-6668
Type cve
Reporter cve@mitre.org
Modified 2018-01-31T14:35:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the (1) reportreason parameter in actions/doreport.php or (2) modnotes parameter in actions/updatereport.php.