CVE-2012-6670
DragonByte Technologies vbActivity for vBulletin is affected by multiple XSS vulnerabilities in versions prior to 3.0.1. The issue allows remote attackers to inject arbitrary web script or HTML via the reason parameter in actions/nominatemedal.php or actions/requestmedal.php. This is due to impro...
