CVE-2014-9917
CVE-2014-9917 affects Bilboplanet 2.0. The issue is a stored XSS vulnerability triggered when adding a tag via the URL parameter in user/?page=tribes tags. The root cause is unsanitized input in tag handling, allowing injected script to be stored and later rendered to other users. Impact is descr...