Cross-site scripting (XSS) vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and previous versions for vBulletin allows remote malicious users to inject arbitrary web script or HTML via the mirrors[] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dragonbyte-tech vbdownloads module 1.3.2 |