3 matches found
Open redirect
Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526...
Cross site scripting
Cross-site scripting XSS vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component, a different vulnerability than CVE-2011-0526...
CVE-2011-0526
CVE-2011-0526 is a documented XSS in Vanilla Forums prior to 2.0.17. An attacker could inject arbitrary script/HTML via the Target parameter in the /entry/signin action (index.php). The Red Hat and NVD entries confirm the affected product and vector, with no exploitation details provided in the s...