CVE-2020-25124
CVE-2020-25124 affects vBulletin 5.6.3 Admin CP. The vulnerability is a cross-site scripting (XSS) flaw exploitable via a crafted URI in admincp/attachment.php&do=rebuild&type=, enabling script execution in the context of an admin user. Public sources in the connected set confirm the issue and pr...