CVE-2018-17571
CVE-2018-17571 affects Vanilla before 2.6.1. The vulnerability is a cross-site scripting (XSS) flaw reachable via the email field in a user profile. The connected CNVD/NVD/OSV entries consistently describe the same issue and identify Vanilla 2.6.1 as the fixed version. Practical impact, per the s...