Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 up to and including 2.2.8 allows remote malicious users to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jelsoft vbulletin 2.2.2 |
||
jelsoft vbulletin 2.2.3 |
||
jelsoft vbulletin 2.2.4 |
||
jelsoft vbulletin 2.2.5 |
||
jelsoft vbulletin 2.0_rc3 |
||
jelsoft vbulletin 2.2.1 |
||
jelsoft vbulletin 2.2.6 |
||
jelsoft vbulletin 2.2.8 |
||
jelsoft vbulletin 2.0_rc2 |
||
jelsoft vbulletin 2.2.0 |
||
jelsoft vbulletin 2.2.7 |