Cross-site scripting (XSS) vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for vBulletin allows remote attackers to inject arbitrary web script or HTML via the mirrors[] parameter.
CPE | Name | Operator | Version |
---|---|---|---|
vbdownloads_module | eq | 1.3.2 |