CVE-2008-3773
The CVE-2008-3773 entry concerns a cross-site scripting (XSS) vulnerability in vBulletin versions 3.7.2 PL1 and 3.6.10 PL3. When the option “Show New Private Message Notification Pop-Up” is enabled, remote authenticated users can inject arbitrary web script or HTML via a private message subject (...