2 matches found
CVE-2007-2908
Cross-site scripting XSS vulnerability in calendar.php in Jelsoft vBulletin before 3.6.6 allows remote attackers to inject arbitrary web script or HTML via the title field in a single add action...
CVE-2007-2908
The CVE-2007-2908 entry describes a cross-site scripting (XSS) vulnerability in Jelsoft vBulletin’s calendar.php, exploitable to inject arbitrary HTML/Script via the title field during a single add action. Affected software is vBulletin prior to version 3.6.6. The underlying issue is an input han...