vbulletin352.txt
Vulnerable Version: 3.5.2 prior versions also may be affected Bug: HtmlInjection Second order CrossSiteScripting Exploitation: Remote with browser HtmlInjection : The software does not properly filter HTML tags in the title of events before being passed to user in 'calendar.php'&'reminder.php AS...