2 matches found
CVE-2006-4273
Cross-site scripting XSS vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote attackers to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explorer 6...
CVE-2006-4273
Affected software: Jelsoft vBulletin 3.5.4 and 3.6.0. Vulnerability type/trigger: Cross-site scripting (XSS) via uploading a .pdf attachment containing JavaScript, which is processed as script by Internet Explorer 6. Impact (as stated): enables remote script execution; documents indicate partial ...