Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote malicious users to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
versatilebulletinboard versatilebulletinboard 1.0.0.rc2 |