Description

Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forums before 2.0.17 allows remote attackers to inject arbitrary web script or HTML via the Target parameter in a /entry/signin action.

Remediation

References

CVE-2011-0526

Related Vulnerabilities

Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.8.12)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.1.9)

WordPress Plugin Post PDF Export Local File Inclusion (1.0.1)

Squid Improper Encoding or Escaping of Output Vulnerability (CVE-2021-31806)

WordPress Plugin Calendar_plugin Cross-Site Scripting (1.0)

Severity

Medium

Classification

CVE-2011-0526 CWE-707

Tags

Missing Update Known Vulnerabilities